Tag Archive for: Manchester

Third-party ransomware attack impacts UK’s Greater Manchester Police

/in


BleepingComputer reports that the UK’s Greater Manchester Police has been impacted by a data breach stemming from a ransomware attack against a service supplier, which also caters to other UK organizations.

Information compromised in the incident includes the personal information of some of the police department’s employees but financial data is unlikely to have been impacted, according to GMP Assistant Chief Constable Colin McFarlane.

“…[W]e have contacted the Information Commissioners Office and are doing everything we can to ensure employees are kept informed, their questions are answered, and they feel supported,” McFarlane added.

Such an intrusion follows third-party breaches affecting the UK’s Metropolitan Police and the Police Service of Northern Ireland during the past month.

Metropolitan Police had data from 47,000 police officers and staff, including names, ranks, and vetting levels, exposed after a cyberattack against ID card and access pass manufacturer Digital ID, while 10,000 police officers of PSNI also had their personally identifiable information stolen, some of which were already leaked online.

Source…

Manchester United hack: UK’s cyber security agency assisting the club

/in


The UK’s cyber security agency is assisting Manchester United over a cyber attack earlier this month which has left the football club unable to yet fully restore their computer systems.

The Premier League club confirmed the hacking on November 20 and said it was not “aware of any breach of personal data associated with our fans and customers”.

Source…

Premier League clubs to tighten cyber security methods after Manchester United hack

/in


Premier League clubs are expected to tighten cyber security methods as investigators warn a hack on Manchester United is just the tip of an iceberg.

United are believed to be facing a seven-figure ransom demand over the attack, which has left the club unable to yet fully restore its computer systems. GCHQ cyber security agents have been called in to help.

The National Cyber Security Centre recently published a report showing 70 per cent of major sports organisations are targeted by hackers every 12 months.

Ciaran Martin, a professor at the University of Oxford’s Blavatnik School, told Telegraph Sport on Friday night how he saw attacks on sporting organisations rise while he was chief executive at the NCSC.

“The risk to sport was on the up, not markedly, but incrementally, because of the realisation by potential attackers of rich sources of data and money that might be available from sporting organisations,” he said. “It’s big business, as we all know.”

Manchester City say it is a “matter of public record” that they have also been repeatedly targeted. In February, an IT worker was arrested amid claims he got players’ personal details and records of confidential transfer talks from Pep Guardiola’s email account. Last week, it also emerged British athletes were among hundreds of female sports stars and celebrities whose personal photographs had been breached in an iCloud attack.

“Sports organisations are at risk from cyber attacks for two reasons,” Martin, one of the leading figures in the UK’s fight against cyber crime, said. Nation-state attacks – such as Russia’s breach against the World Anti-Doping Agency in August 2016 – are high profile, but rare, he explained. “The other, which looks more likely here – although I must stress I don’t know the details because I’m not in Government any more – would appear to be a standard criminal ransom attempt to extort money by encrypting data or otherwise compromising data.”

The Football Association beefed up its security ahead of the World Cup in Russia in 2018, but many Premier League clubs have yet to bring their security levels in line with some other sectors.

Government has no powers to…

Source…

Manchester United defends close goal of cyber attackers in recent ransomware event

/in


Manchester United confirmed it had experienced a cyber attack on Friday evening, but stated that its defensive IT formation had identified the attack, shutting down impacted systems to contain the event and protect data. One of the key points of Manchester United’s online statement was its affirmation that it had “extensive protocols and procedures in place for such an event and had rehearsed for this risk“, allowing the team to go ahead with its match against West Bromwich Albion and to ensure all club media channels were unaffected. These ‘cyber fire drills‘ are clearly becoming ever more vital to ‘big game targets‘ and Manchester United appears to have benefited from such preparedness.

Ranking third in the world out of the most valuable football teams, with a total valuation of more than £2.9 billion, the attack on Manchester United is a further example of the rising number of ransomware attacks worldwide during the pandemic, with a particular uptick in big-game hunting and the corresponding value of ransom demands.

Recent investigations have highlighted that the number of distributed denial-of-service (DDoS) attacks observed in the third quarter of 2020 was four times higher than the first quarter of 2020 (Cloudfare). Further, CrowdStrike identified that 39% of UK organisations suffered a ransomware attack in the last 12 months and that on average pay USD 1.2 million, higher than the average USD 1.1 million globally. With these statistics in mind, it appears to be more important than ever that companies are prepared for such attacks, managing against the risk of exfiltration and encryption by, amongst other security protocols, partitioning and backing up systems, as well as understanding the legality and regulatory position of making ransomware payments.

Recently, a survey by CrowdStrike also revealed that UK businesses are paying more ransom to cybercriminals than their peers in other parts of the world.

The study found that 39 per cent of UK organisations have suffered a ransomware attack in the last 12 month, and they paid approximately £940,000 ($1.2 million) ransom on average – higher than the global average of $1.1 million.

Source…