In our penultimate cybersecurity round-up of 2024, we highlight the latest attacks to hit headlines. Councils yet again have fallen victim to hackers as well as major organisations in the telecoms sector. The current political climate also has a huge impact on the threat of attacks, and in the past few weeks this has been evident with headlines dominated by the threat of Russian cyber warfare.
We cover some of the most recent attacks and concerns hitting the news in the cybersecurity landscape in the rest of this article.
DDoS attacks on local authorities
Councils are a popular target for attacks, and this month saw another council affected. Portsmouth City Council were hit by a Distributed Denial-of-Service (DDoS) attack, orchestrated by a Pro-Russian hacker group called NoName057(16). Portsmouth wasn’t the only council to be affected this week, with other councils including Salford, Bury, Trafford and Middlesborough being affected. The attacks have caused disruption to the council’s website but is said to have not compromised residents’ data.
The disruptions to Portsmouth City Council resulted in residents being redirected to an alternative platform, MyPortsmouth to access services and make payments. The National Cyber Security Centre (NCSC) has provided guidance to the affected councils and noted that while DDoS attacks are usually low in sophistication, they can be disruptive to access to online services. Other councils that have been affected by the DDoS attacks have now restored their websites.
Portsmouth City Council is said to be actively working to restore website functionality and have apologised to their residents for any inconvenience.
Middlesborough Council attacked twice in a week
Middlesborough Council has experienced not just one but two DDoS attacks just days apart. As mentioned above, DDoS attacks can cause disruption to websites and services. In this instance, the council’s website was taken offline temporarily for testing, but no services were affected or personal data compromised. Middlesborough Council is said to be working with the NCSC to ensure its data remains secure against future incidents.
T-Mobile breach
A large cyber-espionage campaign by Salt Typhoon – a state-sponsored hacking group from China, breached T-Mobile’s network this month. The attack is said to be part of a wider attack on other major US telecom providers, including AS&T, Verizon and Lumen Technologies.
It’s reported that hackers infiltrated critical systems used for law enforcement surveillance, compromising sensitive communication including, call records, unencrypted messages and audio communications. Hackers are said to have gained access by exploiting vulnerabilities in telecom infrastructure such as Cisco routers.
The breach has raised national security concerns for the US due to victims of the breach including US government officials who are involved in national security and policymaking, this has led to increased fears about counterintelligence risks with the chance that hackers have mapped out infrastructure for future attacks.
T-Mobile have detailed that there’s been no significant impact on its systems or customer data, however, this attack has seen the organisation come under scrutiny due to its cybersecurity history, including a $31.5 million settlement for previous data breaches.
It’s said that to address the issues, T-Mobile are implementing stronger security measures, such as zero-trust architecture and phishing-resistant authentication.
The increasing risks to critical infrastructures
The Salt Typhoon campaign has lasted for many months using advanced tactics including the use of AI to gather intelligence information. The T-Mobile breach is the third major telecom breach by the hackers in the last year pointing to a systematic and coordinated effort.
The telecoms sector is classified as critical infrastructure under US law and this breach highlights the vulnerabilities in the sector and the profound impact these types of breaches could have on national security. It’s been reported that the FBI and CISA are investigating the breach.
Russia escalates cyber threats against UK and NATO allies
In recent days, articles about the increasing risk of cyberthreats from Russia have been dominating headlines. Reports suggest that Russia is intensifying its use of cyber warfare to destabilise the UK and NATO allies, with potential attacks designed to target critical infrastructure such as power grids.
Speaking at the NATO Cyber Defence Conference in London, Cabinet Minister Pat McFadden highlighted the growing risk posed by Russia’s hidden cyber ware. He emphasised that in the last year, "... cybercriminals and hacktivists have not just stepped up their attacks, but widened their targets to a number of Nato members and partners.”
The UK has observed a surge in Russian cyber activities over the past 12 months, alongside threats of retaliation for its military aid to Ukraine. Vigilance across government, businesses and society to guard against Russian cyber threats is being urged. This latest warning underscores the pressing need for robust cybersecurity measure as adversaries increasingly integrate advanced technologies like AI into cyber resources.
UK businesses face £44 billion loss from cyberattacks
It’s been reported that over the last 5 years, British businesses have lost an estimated £44 billion ($55 billion) in revenue due to cyberattacks. Over half of private sector companies that took part in the survey reported experiencing at least one cyberattack during this time frame. Key findings included cyberattacks costing businesses on average 1.9% of annual revenue with larger companies being the most frequent targets. The most common causes of cyber attacks were compromised emails and data theft. Despite the risks, it was noted that only 61% of businesses use antivirus software and just 55% employ network firewalls.
Protecting businesses now and in the future
Brigantia, along with our partner community, work hard to help businesses of all sizes in all sectors to remain secure and protected against persistent and evolving cyber threats.
To read more articles like this, head to our resources page: https://www.brigantia.com/resources
If you’re interested in becoming a Brigantia partner, please get in touch.
