With cyber threats constantly on the rise, staying informed about the latest news and developments in the field is essential for maintaining digital safety. Because of this, cybersecurity remains a critical concern for organisations, governments, and individuals. In this blog post, we will explore the top cybersecurity news stories from this week, shedding light on significant events, and noteworthy security incidents.
This week it has been revealed that the UK Electoral Commission and a number of MPs were targeted by a state-backed cyberattack from China, new warnings were released over the cybersecurity of the 2024 Paris Olympics, and a new study found that UK SMBs Face 37% Surge in Cybersecurity Warnings.
French Cybersecurity Head Warns Paris Olympics 2024 Could Be 'Target' for Attacks
The head of French cyber defence has emphasised the vulnerability of the upcoming Olympics, dubbing them a prime target for cyberattacks. Vincent Strubel, director general of France's national cybersecurity agency, has issued a stark warning regarding the Paris Olympics, highlighting the looming threat of cyberattacks from foreign states, cybercriminals, and hacktivists.
For more information about how organisations can approach cyber defence differently, watch this video where ACDS’ CTO Elliott Wilkes speaks to Christine Maxwell, Director of the UK Ministry of Defence.
New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice
Trustwave SpiderLabs has detected a recent phishing campaign employing an innovative loader malwareto distribute an information stealer and keylogger known as Agent Tesla. The campaign was flagged after identifying a phishingemail on March 8, 2024. Disguised as a bank payment notification, the email prompts recipients to open an attached archive file. Evidently, robust email security is more important than ever.
Hackers Hijack GitHub Accounts in Supply Chain Attack
Unknown attackers have launched a complex assault campaign that has affected numerous individual developers alongside the GitHub organisation account linked to Top.gg, a platform for discovering Discord bots.
According to research, the threat actors employed various different tactics, techniques, and procedures (TTPs) in this attack. These include hijacking accounts through pilfered browser cookies, introducing malicious code through verified commits, establishing a customized Python mirror, and distributing harmful packages to the PyPI registry.
UK SMBs Face 37% Surge in Cybersecurity Warnings
Research released this week has revealed that UK SMBs encountered a 37% increase in daily cybersecurity warnings over the past year. The number of cybersecurity warnings escalated from 597 in 2013 to 815 in 2024. Consequently, security professionals are left with a mere 87 seconds to assess each security incident and discern genuine threats.
For SMBs cybersecurity can be a minefield. Our experts have broken down the cybersecurity measures all SMBs should consider when putting together a cybersecurity plan. Read more here.
UK Retaliates with Sanctions Against China Over Cyberattack on MPs and Voters
This week, reports emerged suggesting that China has targeted the UK's democratic process by allegedly accessing the personal details of millions of voters. Among the suspected targets of cyberattacks backed by the Chinese state are Members of Parliament and peers, totalling 43 individuals. In response, the UK government has taken measures to impose sanctions on individuals believed to have played a role in the attack.
Deputy Prime Minister Oliver Dowden characterised the attacks on MPs and the Electoral Commission as "malign," emphasising that hackers allegedly gained access to the personal information of about 40 million voters. Dowden stated that these incidents demonstrate a "clear and persistent pattern of behaviour" indicative of hostile intent from China.
Our CTO, Elliott Wilkes, adds: “The danger of this attack is that it underscores the ability of a major global power to act in a way designed for intelligence gathering but also intimidation, without fear of significant recourse. This is also a vulnerable time for the UK, leading up to an election that might see a significant change in government. If this is, indeed, proven to be the work of the Chinese government, the challenge for the UK government will be to mount a penalty that is effective in deterring these actions without taking away much-needed diplomatic energy from supporting Ukraine against Russian aggression, or bringing an end to the war and humanitarian crisis in Gaza.”
CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included a security vulnerability affecting Microsoft Sharepoint Server in its Known Exploited Vulnerabilities (KEV) catalogue after observing evidence of active exploitation in real-world scenarios.
This vulnerability, identified as CVE-2023-24955 with a CVSS score of 7.2, constitutes a critical remote code execution flaw. It permits an authenticated attacker with Site Owner privileges to execute arbitrary code.
Remaining well-informed about the latest developments in the industry is paramount in combating cybercrime. By staying abreast of relevant news, leaders can make informed decisions, proactively implement security measures, and effectively protect their organisations from cyberattacks. Maintaining a vigilant mindset, adhering to best practices, and leveraging cutting-edge technologies are all essential elements in constructing a secure digital future.