Report

Weekly Threat Report 14th December 2018

Created:  14 Dec 2018
Updated:  14 Dec 2018
NCSC Threat Report
This report is drawn from recent open source reporting.

The problem with lapsing certificates

A report from the US congress this week has revealed that the network breach suffered by Equifax in 2017 was not found due to an expired software certificate. 

The certificate was linked to software which monitors networks for suspicious traffic, so the expiration meant that hackers were able to avoid being spotted. 

O2 had a similar issue last week when a network blackout affected the entire UK. 

Digital certificates are bits of code that ensure the encryption of communication between devices and websites. 

As you would expect, the NCSC advise that organisations should keep on top of their certificates and ensure they do not lapse. 

If you ever find yourself a customer affected by a breach such as this then you should be alert to the phishing threat following data breaches.

 

Confidential data loss in Denmark

Confidential data of 20,000 residents in Gladsaxe, Denmark has been lost following the theft of a computer from the town’s city hall between November 30th and December 3rd. 

The data had been saved locally and included information such as registration numbers, age and addresses. Details of social welfare payments and housing were also reported as being affected. 

Local authorities had informed those affected by Monday 3rd blaming the issue on human error following a spreadsheet being saved locally on the computer as a temporary measure. 

Ensuring personal data is secure should be at the top of any priority list, and the NCSC has guidance aimed at protecting bulk data

Organisations shouldn’t look to pass blame onto employees following this kind of incident. The likelihood is that the employee was acting in good faith to ensure a business need was met. The NCSC encourages adding extra layers of resilience to support employees and use incidents such as this as a learning opportunity. It’s well worth reading a blog post written here on the NCSC website back in November 2016.


Stay secure; keep on top of the latest security updates

WordPress has issued a security patch which fixes several vulnerabilities including one that led to Google indexing some user passwords. 

Detailed information for version 5.0.1 can be read on the WordPress news pages, but crucially a fix has been implemented following an issue in which activation screens for new users were being indexed by Google. 

An attacker could’ve found these pages and used them to collect email addresses, and in rare cases, default-generated passwords. 

Users of WordPress, and any similar software, should always download the latest security updates to ensure maximum protection from vulnerabilities such as this.

The ECSEPA Cyber Security Evidence Study

The Evaluating Cyber Security Evidence for Policy Advice (ECSEPA) project, funded by EPSRC and supported by the Sociotechnical Security Group at the NCSC, is aiming to learn more about how the UK government cyber security advisory and policy-making community evaluate evidence in their roles. We are inviting those interested in helping to take part in a cyber policy game that tests the participants’ responses to scenarios through a range of escalating crisis scenarios.

The overall objective of this research is to understand how such policy-making be better supported. The policy game will take place on 21st February 2019 in London and will require one full-day of commitment.

If you are interested or would like to learn more then email s.shaikh@coventry.ac.uk to register an expression of interest.

Was this report helpful?

We need your feedback to improve this content.

Yes No