Ransomware still dominated the list of data breaches and cyber-attacks in May 2021. Out of 128 publicly disclosed incidents, 40% were ransomware attacks. At 115,861,330, the number of breached records is much lower than in April 2021, which can be explained by the fact that ransomware attacks make it hard for companies to find out how many records are affected. Below is our list of the top stories from May 2021:

Is it time to update your home router?

Outdated home routers could be putting millions of people at risk of being hacked, according to a new Which? report. After examining 13 older routers given to customers by different internet service providers, for example Virgin Media and Sky, the consumer watchdog discovered that two-thirds of the routers had security problems and flaws. Weak passwords were found to be the main security issue with older routers, such as a default password being set for a router, which cyber-criminals can hack very easily. There were also issues with:

  • no firmware updates, or security and performance updates, on older routers.
  • a network weakness in EE’s Brightbox 2 that can give hackers full control of the device when the network is down.

The routers that lacked any security updates were:

  • Sky SR101 and SR102
  • Virgin Media Super Hub and Super Hub 2
  • TalkTalk HG635, HG523a, and HG533

Kate Bevan, Which?’s computing editor, says that the proposed new UK Smart Device legislation, which bans default passwords on routers, “can’t come soon enough.”

NCSC warns UK Smart Cities that they are at risk

Smart Cities and their surrounding areas help UK society by monitoring pollution, real-time parking, and road cameras, but this means a lot of personal information is collected by Smart City technologies. Information is tracked in detail, which could breach people’s privacy if Smart City technologies get hacked. The UK National Cyber Security Centre (NCSC) has issued its Smart Cities (connected places) guidance for UK local authorities. The NCSC says that Smart Cities need to be careful, as they are most likely to be affected and targeted by hackers this year. Councils need to be fully prepared because of the increasing rollout of technology-reliant communications and infrastructure. The NCSC says that essential public services need to be better protected from disruption and that sensitive data needs to be better secured against being stolen in large amounts.

Ireland’s Health Service ground to a halt due to Conti ransomware

Ireland’s national health service, the Health Service Executive (HSE), had to shut down its computer systems after reportedly being hit by the Conti ransomware group. The cybercriminals were asking for £14m, but IT systems were brought back up before anything else could happen. The Conti group has now handed over the software to release HSE systems for free, and the Irish Government insists it did not and will not pay the hackers any money. “The incident was having a severe impact on health and social care services,” explained Ireland’s Health Minister Stephen Donnelly. More than 400 businesses have been affected by Conti worldwide.

Eight arrested for Royal Mail text scam

An investigation into scam text messages has resulted in eight UK men being arrested. Within the security industry, scam text messages are known as ‘smishing.’ These text messages are designed to entice people to click on a web link to a malware-laden or malicious website, in order to steal their personal data or bank details, or to get them to make a false payment. The eight who have been arrested supposedly sent fake texts from Royal Mail asking people to pay to retrieve a parcel. Scam texts are happening more and more, so be careful and look to see where texts are coming from.

DarkSide ransomware attack on Colonial Pipeline

DarkSide, a Russian cybercriminal group, is said to be behind a damaging ransomware attack on a big fuel pipeline in America, which lasted a few days. They managed to take down the IT system of Colonial Pipeline, which manages a 5,500-mile pipeline network that moves 2.5 million barrels of fuel a day from the Gulf of Mexico to New York. US drivers were told not to panic buy fuel as news coverage of the problems started to spread. After the attack picked up widespread news coverage, DarkSide put out a statement explaining that they didn’t want to take the pipeline offline, only to make money, and not to create problems for society. It was reported that Colonial Pipeline had to pay $5 million in Bitcoin to DarkSide.

This attack has gained the attention of the President, Joe Biden, and the FBI, and DarkSide has since quickly shut down its ransomware-as-a-service attacks. Reports suggest that DarkSide has made at least $90 million in ransom payments from 47 businesses or victims, according to the Bitcoin records.

Big data breaches happening more and more!

Air India suffered a cyber-attack this month, with 4.5 million people having their personal information stolen. The stolen details include payment details, names and passport information going back 10 years in their systems. It has also been reported by Check Point researchers that Amazon Web Services Systems Manager (SSM) malfunctioned and led to the possible disclosure of 5 million documents with personal information and credit card details on more than 3,000 SSM documents. AWS Security and Check Point have worked together with customers to try to resolve the issues with the SSMs.

Remember to stay safe and secure when entering personal data into different companies’ databases.

Edinburgh Mental Health Clinic scammed

At one of Edinburgh’s leading mental health clinics, hundreds of clients were sent scam emails, reportedly from the centre, requesting their personal information as part of a phishing scam. Despite a number of complaints, The Edinburgh Practice failed to notify patients of the scam quickly, resulting in patients responding to the email and exposing their information. Police Scotland have now shut down the email and are understood to have launched an investigation into the scam email through their cyber crime unit. The Clinical Director of The Edinburgh Practice, Dr Fiona Wilson, apologised to clients who had been affected by the breach and for not noticing the scam sooner.

Deleted police records were on outdated 1970s IT system

Thousands of crime records have been wrongly deleted from an outdated IT system that was developed in the 1970s, highlighting that urgent reforms are needed. These Police National Computer (PNC) files have now been recovered. The deletion is said to be down to human error and management failures. First built in 1974, the mainframe computer used for background checks on suspects needs to be updated or replaced, according to expert reports; however, this will not be ready for another seven years. The PNC holds personal information on 13.2 million UK citizens, including arrests, convictions, property, and vehicle ownership.

While engineers were making improvements to the system by law, they made an error in a piece of code, and the deletions were down to that one single error. The report explains that they were too slow to act when the error was discovered, and it took a month for police to be told. 88% of data breaches are caused by human error. How old are your IT systems? Old systems and software are more at risk of cyber vulnerabilities, so speak to our team on 01453 700 800 for an audit of your network and recommendations for improvements.

Big Doncaster insurance firm hit by computer blackouts

A big computer system crash shut down phone lines, websites, and emails at a Doncaster insurance firm this month. One Call Insurance was hit by a ransomware attack, and the company had to shut down for a whole day while customers couldn’t contact it. This caused huge delays in claims and some unhappy customers. Ransomware attacks can happen at any time and in any place, so it’s essential to have a ransomware recovery plan in place.

SmileDirectClub says cybersecurity incident could cost millions

It has been revealed that a cybersecurity incident that happened in April 2021 at SmileDirectClub could cost the company millions. Even though internal engineers responded quickly to the incident and it didn’t take long for systems to get back up and running, it shows how incidents like this can affect a company and the running of a business.