Copy
Regional Cyber Briefing
Tweet
Share
Forward

Current Threats


Ransomware

Ransomware is malicious software that prevents users from accessing their system or files, and demands that a ransom be paid in order to regain access.

Ransomware can get on to your systems in a few different ways. The most common is typically Phishing emails that contain malicious links/attachments. Criminals can also exploit unsecure remote access software to gain control to devices and download ransomware. Another way is to actually physically access a device to install ransomware e.g. using a USB drive.

There are many different types of ransomware strains with variations on how they're delivered, what devices/networks they target, and what the end result is. The important thing to remember is that the advice to protect yourself against ransomware is typically the same regardless of what the strain is. 

Advice

> Back up your data!
- If you're hit by a ransomware attack, then you can restore from those backups.
- Make sure that your backups are not connected to your internal network, or else they'll be at risk of infection as well.
- Store your backups off-site as well as on-site, so that in the event of environmental damage (e.g. fires or floods) you'll still have backups to restore from. Cloud storage is a great option which satisfies the above points and is now much more affordable (note: always read T&C's for specifics of the service).
- Know what data is on your backup, and test that they work as expected! In one of our previous ransomware investigations, when it came to restoring from a backup, a company found that their outsourced IT support were only backing up HR files. As a result they lost 6 years' worth of financial and project data. 

>  Educate and train staff to defend against common cyber threats/exploits, for example: 
- Phishing - see the NCSC's guide on this at https://www.ncsc.gov.uk/phishing.
- Physically securing devices e.g. are devices locked away/secure when not in use?

> Make sure devices are secured
- Ensure that all software is frequently patched and updated.
Install and run Antivirus software, and make sure that it's updated!
- Use firewalls and correctly configure them. If you're not responsible for configuring, ask your IT manager/provider to confirm this has been done.
- Remote Desktop Protocol (RDP) allows administrators to connect remotely to computers over a network connection. If you have no need for RDP, consider disabling it. If you're using it, make sure that it's set up securely (e.g. strong authentication).

> If you suffer a ransomware attack, we recommend you do NOT pay the ransom.
If you do pay, there is no guarantee that you will receive your data back. If anything, paying out means that you're likely to be targeted again. We always encourage victims to report the crime to ActionFraud via phone (0300 123 2040) or website (https://www.actionfraud.police.uk).

(Please also see the Useful Links section for the No More Ransom initiative which is a project which can help victims of ransomware retrieve their encrypted data)

Events

Devon Business Show - Plymouth Pavillions, Plymouth, 12th June

Come along to the Devon Business Show and chat to us about your business' cyber security - register your place via the official website at https://www.thedevonbusinessshow.co.uk/.

Free Business/SME Event - Santander Branch, Swindon, 13th June (6pm - 8pm)

We'll be featuring alongside other panel speakers at this SME focused event next Thursday at the Santander branch in Swindon. The event promises a relaxed and informal atmosphere, and other local businesses to network with. For further info check out:
https://www.businessbiscuit.com/8-news/5685-santander-breakthrough-in-branch

Business Showcase South West - Ashton Gate Stadium, Bristol, 19th June

Our team will be out in force at the Cornwall Business Show next month, register your place via the official website at https://www.businessshowcasesouthwest.com/.
Decisions and Disruptions Workshop - Sandy Park, Exeter, 17th June

We'll be running another cyber security workshop at Venturefest SW in a couple of weeks' time. If you're planning on attending then book on today!

https://www.venturefest-sw.co.uk/

If you're interested in either hosting or attending a workshop/presentation, please get in touch and let us know.

News
Leicester City FC breach sees hackers score financial data.
Former Premier League champions face GDPR probe after cyber criminals swipe fans' credit card details. (Read more at https://www.itpro.co.uk/data-breaches/33752/leicester-city-fc-breach-sees-hackers-score-financial-data).
Consumers Reluctant to Swap Passwords for Biometrics for Fear of Identity Fraud. More than half of consumers (56 percent) are worried that the shift to biometrics to authenticate online payments will dramatically increase the amount of identity fraud. (Read more at https://www.securitymagazine.com/articles/90315-consumers-reluctant-to-swap-passwords-for-biometrics-for-fear-of-identity-fraud).

Useful Links
Free Cyber Security Courses
Have you been bitten by the cyber security bug? If you're interested in developing your skills and expertise in this field, there are a number of free resources available to help you. Cybrary, SANS Aces, FutureLearn - these are fantastic starting points to build your knowledge (links below):

https://www.cybrary.it/
https://www.cyberaces.org/
https://www.futurelearn.com/courses/introduction-to-cyber-security

No More Ransom
An initiative to help victims of ransomware retrieve their encrypted data. The website contains decryption keys, as well as further preventative advice. Resources can be found at https://www.nomoreransom.org/en/index.html.

From the Forces
As a regional unit we're a collaboration of the five forces in the South West - Wiltshire, Gloucestershire, Avon and Somerset, Dorset, and Devon & Cornwall.

The forces also have protect officers who offer cyber security advice and guidance, primarily to individuals and smaller businesses. In this section, we'll be highlighting some of the great work going on around the region.

Avon and Somerset

Some bittersweet news for A&S as we bid farewell to Joanne Bocko who was previously the Cyber Protect Officer for the region. Jo has been a fantastic asset for the team for years, and we wish her all the best in her new role.

Fortunately for the region, a replacement is already in post and hard at work - so a warm welcome to A&S' new Protect Officer Frazer Keith!

Dorset



Dorset Protect Officer Chris Conroy has written a guest blog for the Dorset Police & Crime Commissioner entitled 'Remember to Stay Safe From Fraudsters'. You can check it out on the official website at https://www.dorset.pcc.police.uk/news-and-blog/dorset-pcc-news-blog/2019/05/banks-to-refund-scam-victims-but-remember-to-stay-safe/

Devon and Cornwall



D&C takes the prize for best on location cyber advice session this time around, as they recently set sail for sunny Dartmouth!

Gloucestershire



Gloucestershire Protect Officer Victoria Brinton has been  talking to Prestbury Friday Circle Social group about how to keep themselves safe from cyber-crime and fraud.

Wiltshire



The Wiltshire team have been in action in Amesbury Nationwide raising awareness of cyber crime and online safety.

Wiltshire have also welcomed on a new Protect Officer into the ranks, so we'd also like to welcome Kieran Hall to the Protect network!
Subscribe to this mailing list
Copyright © 2019 SW Regional Cyber Crime Unit, All rights reserved.


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp