A cybercriminal group has posted what it claims are documents stolen from Hackney Council in a ransomware attack last year. Last year in October, the council was hit with serious cyber-attack. The council is working with UK’s National Cyber Security Centre (NCSC) and the Ministry of Housing to investigate the impact of the incident. The stolen documents contain very sensitive information such as “passportsdump”, “staffdata” and “PhotoID” and were posted on a darknet.
Experts Comments
Although it's not clear exactly what information was contained in the stolen data, much of it appears to be scans or copies of identification, such as passports. Those documents contain sensitive information that cybercriminals could use to target people whose data was stolen. Victims should be on the lookout for phishing emails and other messages impersonating Hackney Council or some other authority. Never click on links or attachments in an unsolicited email, and always verify the sender's
.....Read MoreCybercriminals exploit confusion and uncertainty. The pandemic has been a case in point with a huge rise in scams, and during this new lockdown we can expect to see more cyber-attacks like this. While these cyber-attacks are inevitable, their success needn’t be.
We know the scams and hacks are coming. Institutions, their employees, and other stakeholders must understand what is at stake: personal data is worth more than ever on the dark web – bank details, passwords, and much more. A lack
.....Read MoreUnfortunate victims that are affected by the Hackney Council breach will want to stay aware of phishing attempts by the bad guys that downloaded the breached data. The bad actors will surely send targeted phishing emails and texts in an effort to leverage the data included in the breach to gain more personal information from the victims.
Ransomware attacks will continue to be a serious threat to the public and private sector in 2021. Companies shouldn't lapse into a sense of normalcy by any stretch of the imagination because even though the worldwide number of new ransomware strains continues to shrink, many cyber criminals have perfected their tactics and are reaping the benefits with massive ransoms being paid out. For the Hackney Council and other organizations in the UK, a proactive security approach needs to be the
.....Read MoreWhenever an organisation is in the position of dealing with a demand of ransom from a cyber-attack, the time for securing data has passed. At best there is a hope the attackers will do as they state and not release the data, but there is nothing to say that copies didn’t otherwise exist, and the attackers view the ransom as but one of a number of revenue streams associated with the data. While there is value in performing post-incident forensic analysis, the best analysis is performed prior
.....Read MoreDot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
The continued and increasing number of cyber-attacks on public sector organisations such as Hackney Council is a growing cause for concern. Especially considering the public sector impacts so many lives and often holds sensitive personal data for millions of people. This makes the public sector a prime target for cybercriminals as attacks such as this can present significant consequences for society. The public sector relies on their reputation to gain the trust of the public to operate
.....Read MoreThe continued and increasing number of cyber-attacks on public sector organisations such as Hackney Council is a growing cause for concern. Especially considering the public sector impacts so many lives and often holds sensitive personal data for millions of people. This makes the public sector a prime target for cybercriminals as attacks such as this can present significant consequences for society. The public sector relies on their reputation to gain the trust of the public to operate efficiently to successfully achieve running a town, region, or country with often limited budgets - which have been further squeezed due the pandemic. Therefore, it’s imperative for public sector organisations to have a water tight security solution to limit the risk of a cyber-attacks and simultaneously reassure the public that their data is secure which in the long run saves organisations money instead of being forced to pay ransom.
It’s recommended that paying a ransom should be avoided and organisations should never give into pressure as there is no guarantee data will be decrypted - and as long as organisations continue to pay, attackers will view this attack approach as being financially viable. This also give criminals the impression that in future they can target these organisations again for payment.
Mitigating ransomware attacks by implementing robust security measures is always the recommended approach to avoid significant downtime and preserve business as usual. Individual employees can also assist by educating themselves on the risks of potential phishing emails and to be aware of the risks associated with opening unsafe attachments and email links.
Read LessLinkedin Message
@Carl Wearn, Head of E-Crime , provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Especially considering the public sector impacts so many lives and often holds sensitive personal data for millions of people...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reacted-on-hackney-council-leaked-documents
Facebook Message
@Carl Wearn, Head of E-Crime , provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Especially considering the public sector impacts so many lives and often holds sensitive personal data for millions of people...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reacted-on-hackney-council-leaked-documents