BBC News are reporting this morning that An attempt to defraud thousands of people using a bogus email from a UK airport was one of a range of cyber-attacks prevented last year. The scam used a fake gov.uk address, but the messages were prevented from ever reaching their intended recipients. The details were revealed by GCHQ’s National Cyber Security Centre in an annual report. In all, NCSC disclosed it had stopped 140,000 separate phishing attacks.
Email scammer's plan to defraud 200,000 airport customers is foiled: The NCSC's Active Cyber Defence report outlines how the scheme has helped defend the UK from hackers – and outlines plans for continuing to do so in future. https://t.co/ZckW28XXqj pic.twitter.com/hxWGa0gIDy
— Global Cyber Threat Intel (@cipherstorm) July 16, 2019
Experts Comments:
Corin Imai, Senior Security Advisor at DomainTools:
“This is a massively encouraging progress report we have received from the NCSC, and the UK is extremely wise to have invested in such a diligent dedicated cybersecurity centre in order to combat cybercrime. Phishing is one of the most common and sadly one of the most effective methods of extracting funds by nefarious means from the general public, so the NCSC being able to stop 140,000 separate phishing attacks is a step in the right direction. However, there is only so much that one organisation can do on its own – even a government funded one. With an estimated 1.5 million new phishing sites created every month, cybersecurity teams at governments all over the world need to be working as hard as the NCSC. In addition to this, organisations and educational institutions need to make a base level of phishing training available for everyone who has Internet access – Taking the profitability out of phishing scams is ultimately how we can continue to build on the good work of the NCSC and move towards making phishing a thing of the past.”
Kelvin Murray, Senior Threat Researcher at Webroot:
“The NCSC plays a critical role in protecting UK businesses against increasingly sophisticated cyberattacks, but this work is only part of the solution. Bad actors continue to invest resources and creativity into making their attacks more convincing. This report outlines how certain sectors – in particular government, health, education and transport – are often both the victims of compromise and the targets of impersonation to further compromise other targets namely business.
Phishing is over 20 years old and remains an extremely popular method of attack, that has seen constant innovation this year. Despite the wide scope of this report and the many threats outlined, the methods of mitigating these attacks should be familiar to organisations. A multi-factorial approach combining user education, updates, DNS, file, email and URL filtering is vital to keeping the enterprise safe from these attacks. In addition, an emphasis on collaboration in the information security sector as a whole will help us stay one step ahead of the bad guys.”
Rob Norris, VP Enterprise and Cyber Security at Fujitsu:
“Cybersecurity challenges aren’t slowing down and this annual report by GCHQ’s National Cyber Security Centre illustrates the magnitude of the problem. Cybercriminals today are creative and equipped with a multitude of tools helping them see their attacks through, making it vital for all organisations to think how they can safeguard their data and business assets.
“Unfortunately one of the simplest methods of stealing sensitive information is through a basic email phishing campaign, as proved by the fact that NCSC stopped 140,000 phishing attacks last year alone. This is partially because organisations still rely heavily on email to communicate both internally and externally, but also because of the human factor. Human behaviour is cited as the biggest challenge in email security, therefore it is imperative that businesses prioritise vigilance and awareness through education and training.
“I would advise that some of the things we can do to identify suspected email security threats are hovering over the email hyperlinks before clicking to see the web address; blocking executable files and emails with large attachments; being mindful of password reset emails; and using a VPN when working remotely or using public WiFi. In today’s digital world, no one is immune from data theft, and being vigilant, both as an employee and as a consumer, is paramount.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.