Weekly Threat Report - 7th February 2020
Report claims human error is major cause of UK breaches
Showing just how tempting it can be to think that complex problems have a single, ‘simple’ cause: Cybsafe announced that 90% of data breaches in the UK are caused by human error.
The report has analysed data from breaches reported to the Information Commissioner’s Office (ICO) in 2019. Their findings report that nine out of ten of the 2,376 breaches report to the ICO were due to “mistakes by users”. Phishing was named as the main cause of breaches which was 45% of all the reports to the ICO.
Unauthorised access, brute force password attacks and ransomware were also highlighted in the report.
‘Human error’ is often used as a convenient umbrella term when we don’t understand (or don’t want to acknowledge) the things that really make it difficult for people to behave securely. Making it easier for people to engage in their organisation’s security culture can improve the effectiveness of cyber security measures. The NCSC’s You shape security guidance is aimed at anyone looking to develop security which works for organisations and for people. The NCSC’s Phishing guidance emphasises the importance of a multi-layered approach to phishing, that does not over-rely on people’s ability to spot and avoid phishing emails.
Any organisation affected by data breaches should also be aware of the phishing threat following these incidents.
Code repository used to host and distribute malware
It is being reported that the code repository platform, Bitbucket, is being used by cyber criminals to host and distribute malware in a number of campaigns.
Criminals have been delivering an “unprecedented number of malware” via Bitbucket according to a report by Cybereason researchers. The malicious repositories mentioned in the linked blog post were deactivated within a few hours following communication between the researchers and Bitbucket.
Cybereason report that attackers create and cycle different accounts, which are then frequently updated to avoid detection..
Users that have downloaded cracked versions of commercial software like Microsoft Office and Adobe photoshop may have been affected.
The NCSC has produced guidance for mitigating the risk and impact of malware, but users should also ensure that they only download and install commercial software from trusted websites.