With 103 data breaches and over 5.8 million breached records, November was a bumper month for cyber security issues. The National Cyber Security Centre also published their annual report with some whopping results, too…

National Cyber Security Centre (NCSC) Annual Review

The NCSC has the ambition to make the UK “the safest place to live and work online” tackling cyber security threats, fraudulent websites, and other digital threats. Each year, they publish their annual review, highlighting just some of the achievements that they have made in the past twelve months. This year, much of their work has focussed on keeping users safe digitally during the pandemic, as online shopping and tech adoption soared during lockdown. This year’s stats include:

  • Combatting 723 incidents of which more than 200 directly related to coronavirus
  • Launched their ‘Suspicious Email Reporting Service’ which handled more than 2.3 million reports of malicious emails
  • 22,000 malicious URLs taken offline, including fake sites “selling” COVID tests and PPE
  • Supported more than 1,200 victims.

Manchester United suffers major cyberattack

Although Manchester United FC has revealed very few details about the cyberattack which has taken their systems offline, experts are speculating that leaky IT systems are responsible for ransomware infiltrating the systems. Manchester United has confirmed it is worth with the National Cyber Security Centre to resolve the issues, but the systems remain offline more than a week after the attacks.

Hackney Borough Council Systems breached, impacting its service delivery

London’s Hackney Borough Council is another who is remaining tight-lipped about the size, scale and cause of a ‘major’ cyberattack, but its impact has certainly been far-reaching. Many of the IT systems have been taken offline in what is likely a ransomware incident, which in turn has impacted the Council’s local service provision to businesses and residents.

Information Commissioners Office (ICO) fines Ticketmaster

The ICO has fined Ticketmaster £1.25million for failing to keep the data of 9 million customers safe. The breach included personal information and card payment details, breached through a third party chatbot installed on the online payments page. In direct response to the data compromise, 60,000 Barclays Bank customers became victims of fraud and 6,000 Monzo cards were reissued following fraudulent payments. It is likely that the fine has been far less harsh than usual, with the ICO issuing smaller fines and downgrading previous fines to smaller amounts, as businesses grapple with the impact of COVID on turnover.

UK Government considers fines for using Huawei Network

There is a potential new law being considered by the UK government, which would see telecoms providers being fined 10% of turnover a day for using Huawei network equipment within their 5G networks. It comes after the government expressed serious security concerns over the Chinese operator and is seeking to prevent state exploitation of the country. Read the full story over on the BBC +

Consumer group Which? Is the latest to warn of security flaws in smart doorbells and devices

Smart doorbells are inviting hackers into homes according to Which? after they tested 11 systems available through online retailers. They are now calling for new legislation to safeguard consumers, after finding that the devices can be simply and easily hacked or turned off by those outside the home. Weak passwords and a lack of encryption are the main issues, and the watchdog is warning that consumers are putting convenience ahead of security. Amazon has delisted seven devices in direct response to the findings.