Tag Archive for: NCSC

Ransomware Remains Top Cyber Threat, Former NCSC Chief Says

/in


Fraud Management & Cybercrime
,
Ransomware

Ciaran Martin Warns 2023 Will See Increased High-Profile Attacks

Akshaya Asokan (asokan_akshaya) •
January 18, 2023    

Ransomware Remains Top Cyber Threat, Former NCSC Chief Says
Ciaran Martin, Oxford University professor and former NCSC CEO (Image: ISMG)

Ransomware continues to be the United Kingdom’s most prominent cybersecurity threat, and the country can expect to see a surge in destructive attacks in 2023, warns the former head of the UK’s national cybersecurity agency.

Ciaran Martin, now an Oxford University professor, says while overall ransomware activities across the world slumped in 2022, attacks are likely to surge in the coming months. He adds that recent hacks against The Guardian newspaper and the British Royal Mail are an example of these early-stage attacks.

See Also: Live Webinar | Navigating the Difficulties of Patching OT

Martin, who was the U.K. National Cyber Security Centre’s CEO until 2020, points out one of the contributing factors behind the success of ransomware continues to be that most criminal groups operate out of Russia, which he says is a “safe haven” for the crooks to “operate with impunity.”

“Cyber criminals thrive in weaker states, they don’t thrive in France, in the United States or Canada,” Martin tells Information Security Media Group during the Cyberthreat UK conference this week. “So, for the foreseeable future, I think this region is likely to be a source of significant cyber.”

The 23% decline in ransomware attacks in 2022, which is based on a SonicWall report, is likely tied to disruption caused by the ongoing war in Ukraine and Russia, with most ransomware operators in the region being forced to flee or join as conscripts in the state security service, he says.

“In 2023, the early signs, sadly, are that there’s a bit more of it…

Source…

NIS Directive: Meeting NCSC’s Mobile Security Guidance

/in



NCSC joins 2 organisations to promote domestic cybersecurity

/in


Ursula

Mrs Ursula Owusu-Ekuful, Minister of Communications and Digitalisation

The National Cyber Security Centre (NCSC) has joined two different international organisations, the Global Forum on Cyber Expertise (GFCE) and the Forum of Incident Response and Security Teams (FIRST), to promote and strengthen capacity building and incident response through international collaboration.

This feat stems from the government’s commitment to developing the country’s cyberspace to be secure and resilient for the country’s sustained digital transformation.

Capacity building

A press release issued by NCSC on June 2 in Accra, quoted the Minister of Communications and Digitalisation, Mrs Ursula Owusu-Ekuful, of highlighting the importance of international collaboration for effective implementation of the recently passed Cybersecurity Act, 2020 (Act 1038).

“Ghana’s domestic cyber resilience is very much dependent on strong international collaboration arrangements and our membership of these industry-led global institutions is timely as we begin the implementation of the Cybersecurity Act, 2020.”

As a member of these international bodies, the minister said the NCSC was expected to benefit from joint capacity building programmes, information sharing and technical tools to effectively detect and prevent cybersecurity incidents.

Cybersecurity Act

The release stated that the ministry, under the leadership Mrs Owusu-Ekuful, led efforts for the passage of the Cybersecurity Act, 2020 (Act 1038) by Parliament on November 6, 2020.

The Act was subsequently assented to law by the President Nana Addo Dankwa Akufo-Addo on December 29, 2020.

With the passage of Act 1038, the NCSC is expected to transition into a Cyber Security Authority (CSA) before the end of the year. The Act makes provision for the protection of critical information infrastructures, capacity building efforts, incident response and reporting procedures, among others.

Ghana’s membership of the Global Forum on Cyber Expertise (GFCE) and the Forum of Incident Response and Security Teams (FIRST), is part of efforts to improve the country’s cybersecurity.

Cybersecurity collaboration 

Security Governance Initiative (SGI), a…

Source…

NCSC offers teachers free cyber security training

/in


The UK’s National Cyber Security Centre (NCSC) has released a free cyber security training package for teachers and other school staff, setting out steps to take to help mitigate cyber attacks and drawing on real-life case studies to demonstrate the impact of such incidents.

The resources are the newest addition to a widening package of support measures offered up by the NCSC as schools and universities across the UK reel from a spate of cyber attacks, which began to surge as Covid-19 lockdowns forced the education sector to transition to remote learning, and have not let up even with the return of face-to-face teaching.

Sarah Lyons, NCSC deputy director for economy and society engagement, said: “It’s absolutely vital for schools and their staff to understand their cyber risks and how to better protect themselves online. That’s why we’ve created an accessible, free training package offering practical steps on cyber security to help busy professionals boost their defences.

“By familiarising themselves with this resource, staff can help reduce the chances of children’s vital education being disrupted by cyber criminals,” she said.

Schools minister Nick Gibb added: “It is vital that schools have robust cyber security in place, and these new resources and training will help staff to increase protection from attacks.

“This training will boost support for schools, giving teachers the tools and skills they need to identify possible risks. I would strongly encourage all schools to adopt the resources and all staff to complete the training to make sure data is protected.”

The training package is designed to be accessible by any staff member, regardless of role or level of technical knowledge, and also comes as a scripted presentation. It can be accessed via the NCSC’s website and shines a light on the most dangerous threats schools face, and outlines the impact successful cyber attacks can have.

One of the case studies highlights an incident in which a successful voice phishing – or vishing – attack in which cyber criminals impersonated the Department for Education (DfE) to obtain the email details of the target’s head of finance and headteacher. This…

Source…