NCSC Weekly Threat Report 16th July 2021

In this week’s Threat Report:

1. Organisations struggling to identify or prevent ransomware attacks
2. Operation SpoofedScholars: report into Iranian APT activity
3. Sharp rise in remote access scams in Australia

Organisations struggling to identify or prevent ransomware attacks

report from Trend Micro suggests that 50% of firms don’t have the capability to prevent or detect ransomware attacks. It says that many have difficulty identifying activities which may suggest that their networks have been compromised.

The report further suggests that 40% of organisations could struggle to implement mitigation methods even after falling victim to an attack.

The NCSC’s guidance to help larger organisations prepare for and deal with ransomware attacks is summarised in this recent blog post, which is part of the Board Toolkit.

Smaller organisations may look to the Small Business Guide for affordable, practical advice and use the Cyber Aware Cyber Action Plan to get personalised suggestions on areas where their business’s cyber security could improve.

Operation SpoofedScholars: report into Iranian APT activity

Earlier this week, US cyber security company Proofpoint published a report into state-linked activity affecting the academic sector.

Dubbed Operation SpoofedScholars, Proofpoint’s findings show how actors masqueraded as British scholars to covertly target individuals of intelligence interest to the Iranian government.

Spear phishing campaigns by Iranian APT groups have been well documented in open-source reporting and Proofpoint notes a change in tactics for this threat group. Whilst these campaigns are targeted, they are broadly unsophisticated in nature.

The NCSC works closely with UK organisations across all economic sectors, including academia, to encourage better cyber resilience and raise awareness of the threats they face.

Our 2019 Cyber Threat to Universities report outlines risks and steps that can be taken to mitigate them.

Sharp rise in remote access scams in Australia

The Australian Competition & Consumer Commission (ACCC)’s Scamwatch has reported that cyber criminals have stolen AUS$7.2 million through remote access scams so far in 2021 – a 184% increase compared to 2020.

Thousands of Australians have reported receiving phone calls, as well as SMS messages and emails, from scammers pretending to be from legitimate companies, where they try to convince people to either download software which would allow remote access to their computers or to share personal details.

Scam calls and messages, also known as ‘phishing’, are often designed to be hard to spot and to create a false sense of urgency in the victim to provoke a response.

The NCSC has guidance on what to look out for to protect yourself from becoming victim, how to report phishing attempts, and what to do if you have responded to a scam.

Cyber Aware also gives advice on how to improve your online security. You can check if you are following the six recommended actions, or use the free Cyber Action Plan to get a personalised list.

NCSC © Crown Copyright 2021

Leave a Reply

scroll to top