Weekly Threat Report - 19th June 2020
Poor password practices
A recent study carried out by FICO Consumer Digital Banking showed that only 40% of people in the UK have separate passwords for their financial accounts. The research highlighted that just over 20% of UK citizens use only between 2 and 5 passwords, which are then re-used for financial accounts.
A rise in working from home has made it increasingly important that people improve their password practices. The NCSC has published guidance on what makes a good password as well as how to safely access and manage your passwords across multiple devices using password managers.
The study also reports an increase in the use of biometric security methods for online banking.
The NCSC provides further reading on understanding biometric recognition technologies which can be found in the biometric recognition and authentication systems guidance.
Email accounts targeted in phishing campaign
The NCSC continues to provide support to victims of a widespread phishing campaign targeting a range of organisations in the UK.
The NCSC first raised awareness about this campaign in October last year, stating that automated attacks designed to harvest credentials had been active since at least July 2018 and appeared to be spreading indiscriminately across a broad range of UK sectors.
The campaign targets victims by sending what appears to be a legitimate email from a known email contact. The email may contain recent communication between recipients and include links that, if clicked, redirect to a seemingly legitimate login page. Any personal information entered can then be used nefariously by criminals.
The NCSC has further information and guidance on dealing with suspicious emails, phone calls and text messages including our Suspicious Email Reporting Service.
US network outages cause widespread speculation
“DDoS” was trending on Twitter on Monday with internet services and mobile carriers down for people across the US.
Claims that a massive DDoS (Distributed Denial of Service) attack was underway were spread by a supposed Anonymous News Twitter account. Anonymous is a longstanding hacktivist group that has allegedly re-emerged in 2020.
T-Mobile, one of the US’ main network operators, issued a statement saying that voice and text issues had been impacting customers across the country. Later in the week, T-Mobile published a technical statement revealing that the outage was down to a leased fibre circuit failure that resulted in a sharp rise in IP traffic.
When social media rumours about a cyber attack spread, the NCSC recommends checking official sources to verify the details. Official Twitter accounts belonging to government organisations and vendors that you trust are good places to start. The NCSC has guidance available on handling DDoS attacks.
Australia responds to targeting of government and critical infrastructure
This week the Australian Prime Minister announced the country was aware of, and responding to, malicious cyber activity targeting Australian governments and critical assets by a “sophisticated state-based actor”.
The NCSC continues to work closely with our Australian partners on their investigations. The Australian Cyber Security Centre’s (ACSC) technical advisory is available at https://www.cyber.gov.au/news/advisory-2020-008-copy-paste-compromises-tactics-techniques-and-procedures-used-target-multiple-australian-networks.