A cybercriminal group has posted what it claims are documents stolen from Hackney Council in a ransomware attack last year. Last year in October, the council was hit with serious cyber-attack. The council is working with UK’s National Cyber Security Centre (NCSC) and the Ministry of Housing to investigate the impact of the incident. The stolen documents contain very sensitive information such as “passportsdump”, “staffdata” and “PhotoID” and were posted on a darknet.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>The continued and increasing number of cyber-attacks on public sector organisations such as Hackney Council is a growing cause for concern. Especially considering the public sector impacts so many lives and often holds sensitive personal data for millions of people. This makes the public sector a prime target for cybercriminals as attacks such as this can present significant consequences for society. The public sector relies on their reputation to gain the trust of the public to operate efficiently to successfully achieve running a town, region, or country with often limited budgets – which have been further squeezed due the pandemic. Therefore, it’s imperative for public sector organisations to have a water tight security solution to limit the risk of a cyber-attacks and simultaneously reassure the public that their data is secure which in the long run saves organisations money instead of being forced to pay ransom.<u></u><u></u></p> <p> </p> <p>It’s recommended that paying a ransom should be avoided and organisations should never give into pressure as there is no guarantee data will be decrypted – and as long as organisations continue to pay, attackers will view this attack approach as being financially viable. This also give criminals the impression that in future they can target these organisations again for payment.<u></u><u></u></p> <p> </p> <p>Mitigating ransomware attacks by implementing robust security measures is always the recommended approach to avoid significant downtime and preserve business as usual. Individual employees can also assist by educating themselves on the risks of potential phishing emails and to be aware of the risks associated with opening unsafe attachments and email links.</p>
<p>Although it\’s not clear exactly what information was contained in the stolen data, much of it appears to be scans or copies of identification, such as passports. Those documents contain sensitive information that cybercriminals could use to target people whose data was stolen. Victims should be on the lookout for phishing emails and other messages impersonating Hackney Council or some other authority. Never click on links or attachments in an unsolicited email, and always verify the sender\’s identity before responding.</p> <p>Passports scans and other photo ID can also be used as part of an identity fraud scheme. Such scans can be used to open financial accounts for money mules and bank drop scams, for example. Additionally, <wbr />multiple forms of ID are usually required to pass proof-of-address and proof-of-identification checks on websites. These checks are often part of the account recovery process in which a user has somehow lost access to their account and must prove who they are to regain access.</p>
<p>Cybercriminals exploit confusion and uncertainty. The pandemic has been a case in point with a huge rise in scams, and during this new lockdown we can expect to see more cyber-attacks like this. While these cyber-attacks are inevitable, their success needn’t be.</p> <p> </p> <p>We know the scams and hacks are coming. Institutions, their employees, and other stakeholders must understand what is at stake: personal data is worth more than ever on the dark web – bank details, passwords, and much more. A lack of cybersecurity solutions in place will let the hackers in. </p> <p> </p> <p>Councils and other state institutions have a responsibility to deploy fully up-to-date cybersecurity that tracks and defends against new threats. But employees and other stakeholders also have a role to play: making the job of cyber attackers as difficult as possible. How? By improving their cyber hygiene through constant vigilance and exercising zero trust.</p>
<p>Unfortunate victims that are affected by the Hackney Council breach will want to stay aware of phishing attempts by the bad guys that downloaded the breached data. The bad actors will surely send targeted phishing emails and texts in an effort to leverage the data included in the breach to gain more personal information from the victims.</p>
<p>Ransomware attacks will continue to be a serious threat to the public and private sector in 2021. Companies shouldn\’t lapse into a sense of normalcy by any stretch of the imagination because even though the worldwide number of new ransomware strains continues to shrink, many cyber criminals have perfected their tactics and are reaping the benefits with massive ransoms being paid out. For the Hackney Council and other organizations in the UK, a proactive security approach needs to be the priority in 2021. What I mean is that security teams and IT professionals responsible for security need to be actively hunting in their own networks for malicious activity. Taking the first punch in the battle with threat hunting that can root out suspicious behaviour is paramount in turning the tables on cybercrime. In addition, Hackney Council employees and anyone associated with the organization should never click on attachments in emails unless the source can be verified. Also, never download content from dubious websites. And implement security awareness training to yield meaningful results, when included with other cyber awareness training that becomes part of a company\’s security culture.</p>