The boss at GCHQ says the UK needs to make a serious national effort to tackle cyber threats. Theresa May brings China in to help the UK create a 5G future. International payments are at more risk than ever, and SWIFT wants to make things better. And as Brexit moves closer, then farther away, then closer again, we take a look at one expert's take on the nation's post-Brexit cyber security preparations.
A 'national effort' is needed to boost British cyber security
The chief of the secret-squirrel organisation GCHQ is asking for a “genuinely national effort” to boost the nation's cyber security. GCHQ Director Jeremy Fleming says the ongoing digital revolution brings “increasing complexity, uncertainty and risk”, as well as a suite of new and unprecedented challenges for policymakers. If we don't get our acts together the country's citizens, judicial systems, businesses and even society itself could be damaged.
Fleming was one of the main speakers at the CYBERUK 2019 conference, held in Scotland during late April. He revealed the impact of the Active Cyber Defence programme, noting that March saw the UK-hosted share of global phishing scams dropping to less than 2% for the first time ever, down from 5.4% in 2016. It looks like HMRC is faring better too, once the 16th most phished brand in the world and now the 146th.
Fleming encourages businesses in every sector to work with GCHQ to pin down new ways to incorporate automated cyber defence systems, in an effort to ultimately create a whole-of-nation, automated cyber defence system. As he said, “Our vision for the next stage of the UK’s cyber security strategy aims to do just that. The prize is great – a safer, more successful UK.”
Theresa May slammed for inviting China to work on Britain's 5G network
Theresa May has defied numerous security warnings from ministers and the USA, letting the Chinese telecoms giant Huawei help build Britain's new 5G network even though the decision, to many, represents a serious risk to national security. The move was agreed by the National Security Council, which is chaired by the Prime Minister, and will allow the company 'limited access' to parts of the network, including antennae and non-core infrastructure.
Those who raised concerns include Sajid Javid, Jeremy Hunt, Gavin Williamson, Liam Fox and Penny Mordaunt, along with the entire Trump administration and the CIA. In the words of Iain Duncan Smith, “I consider her judgement on this to be very poor. I would call a reconsideration of decision given nature of the risks.”
What do you think? Is China a potential enemy? Or, bearing climate change in mind, should we all be co-operating with one another rather than pulling up our respective drawbridges? It's a bit of a conundrum.
SWIFT report reveals international payment flow insecurity
CPO Magazine (link to ttps://www.cpomagazine.com/cyber-security/new-swift-report-details-cyber-threats-to-international-payment-flows/) reports on a new SWIFT report called Three Years On From Bangladesh: Tackling the Adversaries. It looks into how international cyber criminals are becoming increasingly sophisticated in evading detection when working on fraudulent payment transactions. The report comes after a 15 month investigation into the massive cyber attack on the Bank of Bangladesh in 2016.
The report is intended to help international financial institutions avoid similar problems to the Bangladesh incident, where cyber thieves stole more than $100 million from Bangladesh central bank via clever fraudulent payment instructions, one of the biggest cyber security events of the year. 35 fraudulent payment instructions were issued via the SWIFT network, and even though only one of them worked properly the bank still paid out $101 million, $20 million of which ended up in Sri Lanka and $81 million of which ended up in the Philippines. 70% of the attempted thefts were denominated in American dollars, proving the global influence of US currency.
Brexit uncertainty drives better British cyber security measures
Sometimes it takes a disaster before people start making the plans they should have made long before disaster struck. This is one of those cases, and it's all about Brexit. As reported by Security Boulevard, Brexit-led uncertainty is inspiring British businesses to improve their cyber security defences.
It looks like plenty of organisations are starting to bolster their defences against potential Brexit cyber threats. In fact 53% of people surveyed by Security Boulevard had increased their cybersecurity budgets since the Brexit announcement. While we have no idea what'll happen post-Brexit, businesses obviously predict an increase in cyber attacks and are preparing for a hike in malware. 49% of those asked are taking extra measures against malware, 40% are preparing for more phishing attacks and the same percentage for ransomware. There's also some evidence that businesses are actually making a concerted effort to get ahead of cybercriminals rather than being passive observers, which is great news.
49% of companies asked said they're investing significantly in Data Loss Prevention technology, and the same percentage claim they're working harder than ever on regulation compliance solutions. 40% say they're working on security for the endpoint, evaluating threats and pinning down the best solutions.
It makes a lot of common sense. Change brings confusion, and confusion delivers opportunities for mischief. The key to securing your business against Brexit-led cyber threats is being properly prepared, increasing your cybersecurity spend to a reasonable amount that'll get you where you need to be, and educating people so they can recognise the different kinds of cyber threat and know how to protect themselves. And all that brings us naturally to the Cyber Essentials Plus and Cyber Essentials Schemes, both official Cyber Essentials certification designed to give you and your employees the knowledge needed to stay safe from cyber threats. We can help you achieve that. Just ask.