RUSI has published its report on the UK and cyber fraud this month. It makes stark reading. Too often referred to as a ‘victimless crime’, cyber fraud is nothing of the kind. It does untold psychological harm to its victims, many of whom are also left destitute or robbed of their life savings.
It has been an important week for Cyber Security in the United States with several key announcements from President Biden and his administration on funding and appointments as well as a response to the Solar Winds attack.
The news of US sanctions on Russia has made headlines around the world with President Biden’s remarks on Russia firmly attributing the extensive “SolarWinds” hack on the US Government to Russia.
You don’t need to celebrate, just take stock, and look to the future. With all that’s changed in the world, the arrival of the third anniversary of the General Data Protection regulation may seem trivial, even irrelevant.
“War stories”? Sounds a bit dramatic, but the life of a Pen Tester is spent on the frontline of an ongoing conflict between individuals and organisations, and an army of hackers seeking to scam or undermine them. And just as in any war, the ‘intelligence’ services play a huge role in protecting good people from bad outcomes; work that takes place mainly in the shadows.
It’s nearly a month since the UK Government released The Integrated Review 2021 detailing ‘the vision for the UK’s role in the world over the next decade’.
The Bank of England’s financial policy committee recently underlined the importance of cyber stress testing when assessing the operational resilience of financial services.
In late 2020, the American cyber-security community discovered a widespread breach of private-sector and government networks. A primary vector for the breach appeared to be the hacking of software provided by the US information-technology company SolarWinds.
There are a number of security benefits that can be gleaned from threat monitoring, automated vulnerability scanning and stringent security policies. However, penetration testing can be a useful asset in identifying exploitable security vulnerabilities and real threats facing your organisation.
The NCSC issued advice to the education sector at the end of last week on the growing threat from ransomware attacks targeting the sector.