Cybersecurity roundup July 2023

---

July 2024 had 87 cyber incidents with more than 146 million records breached.

This compares to 14 million in June, 98 million in May, 4.3 million in April, 42 million in March and 29.5 million in February, but it still doesn’t come close to the astounding 277.6 million records breached in January 2024.

The impact of the now-infamous MOVEit vulnerability ripples on, with many businesses still feeling the aftershocks.

Here’s the other top stories you need to read:

Malware incidents double in Q1 2023

A new study conducted by Uptycs has uncovered a stark increase in the distribution of ‘information stealing’ malware. Incidents have more than doubled in Q1 2023, so companies need to have robust systems and processes in place to deal with the malware threat.

50% of UK businesses struggling to fill cybersecurity skills gap

Half of UK businesses are struggling to fill cybersecurity skills gap according to a report published by the Department for Science, Innovation and Technology (DSIT).

• Around half of businesses do not have staff to carry out basic cybersecurity tasks such as detecting and removing malware.
• A third of businesses lack people with more advanced cyber training to manage the more advanced tasks such as conducting forensic analysis of security breaches.
• There is an estimated shortfall of more than 11,000 people to meet the demand of the cyber workforce.
• The government’s latest data shows that just 17% of the #cyber workforce are female, marking a 5% decrease since 2022.

Norwegian government ministries suffer a cyber attack

Norwegian authorities reported a cyber attack of unknown origin against 12 government ministries. This follows in the footsteps of Swiss and US government agencies being targeted in the last few weeks.

Kenyan government platform targeted in a cyber attack

Kenya’s government has been fighting off a huge cyber-attack that has affected services on a key government online platform for almost a week.

UK MOD launches investigation into classified email error

The UK’s Ministry of Defence (MoD) is launching an investigation after an error reportedly led to classified emails being sent to a close ally of Russia instead of the intended recipients.

Reporting changes to US companies likely to impact UK businesses

Public companies in the US will be forced to disclose cyber-security incidents within four days under new rules proposed by the Securities and Exchange Commission (SEC), but could the UK be forced to follow suit?

The malware affecting public systems

The US government is hunting for malware that may compromise systems such as power grids, communications systems and water supplies

Coalition to address data and network cybersecurity

Cisco, BT and others have joined together with the Center for Cybersecurity Policy and Law, a Washington DC-based non-profit to create the Network Resilience Coalition. This coalition focuses on addressing some of the most pressing cybersecurity problems that affect data and networks.

DHL affected by MOVEit ransomware attack

Shipping specialist DHL says that its UK operations were directly impacted by the MOVEit Transfer hack. The ongoing impact of this ransomware attack has not yet been realised and companies would be wise to review their procedures for dealing with malicious attacks.

The cost of data breaches to UK companies

Data breaches are costing UK companies an average of £3.4 million. This is a decrease from the £3.8 million total cost of dealing with a cybersecurity incident in 2022, according to a report from IBM.

The threat to business continuity.

Most organisations lack strong cyber resilience strategies or data security capabilities to address threats and maintain business continuity, according to BigID. The impact of a cyber attack cannot be overstated so businesses would do well to review their policies and procedures, especially around business continuity.

Ambulance trusts targeted in cyber attack

Following a cyber attack on health software company Ortivus, several NHS ambulance trusts have been struggling to record patient data and pass it to other providers. The NHS trusts affected serve around 12 million people between them.

Scottish university UWS targeted by cyber attackers.

Data belonging to the University of the West of Scotland (UWS) has been put up for auction by a cyber gang. The attack affected several digital systems and staff data as well as student submissions.