Recent Posts



    News & Views

    Our latest news and blogs keep you in touch with our fast paced and ever changing industry.

    A Halloween Horror Story

    By Monica Cope on Wednesday, October 28, 2015

    Halloween brings tales of ghosts and ghouls, but some people find cyber security much scarier.  As cyber breaches continue to make the international headlines, let’s enter the Halloween ‘spirit’ and review some of the nightmare stories and statistics from the year so far.  

    The obvious place to start is the recent TalkTalk incident, a terrifying tale indeed.  With data belonging to up to four million customers compromised, it’s enough to scare your socks off. A criminal investigation has been launched by the Metropolitan Police Cyber Crime Unit following a significant attack on the TalkTalk website, the exact nature of which is still to be confirmed.  While no organisation is immune from cyber risk, questions are being asked around the adequacy of TalkTalk’s defences.  TalkTalk has now issued a warning to its customers to remain vigilant about criminals trying to impersonate them or carrying out phishing scams.  The organisation itself has been heavily impacted, both reputationally and financially, with the share price down approximately 5% from the pre-attack price.  

    Frightening statistic one: According to the HM Government 2015 Information Security Breaches Survey, conducted by PwC, 69% of large organisations and 38% of small businesses were attacked by an unauthorised outsider in the previous year.

    In another chilling tale, a disgruntled senior internal auditor at Morrisons Head Office was jailed for eight years in July this year after he leaked details of nearly 100,000 supermarket staff, including salaries, bank details and National Insurance numbers, posting the information on data sharing websites.  This corporate security nightmare cost Morrisons more than £2million to rectify, and now 2,000 current and former employees are preparing to sue the company, alleging that the retailer was ultimately responsible for the breach.

    Frightening statistic two: The IBM 2015 Cyber Security Intelligence Index states that more than half of all attackers are insiders.  In 2014, 55% of all attacks were carried out by malicious insiders or inadvertent actors.  However, it’s important to note that 95% of these breaches were actually unintentional, caused by human error rather than carried out with malicious intent.  

    Earlier this year, 37.8 million clients of adultery website Ashley Madison were haunted when the site was (morally) hacked, and a group calling themselves ’The Impact Team‘ were able to gain unauthorised access to client information.  ‘The Impact Team’ eventually released a significant number of skeletons from the closet when the parent company, Avid Life Media, did not shut down Ashley Madison and its sister site “Established Men”.  

    Frightening statistic three: Recent research from the Office for National Statistics indicates that there were an estimated 2.5 million incidents of crime falling under the Computer Misuse Act in England and Wales in 12 months, the most common incident where the victim’s computer or other internet enabled device was infected by a virus. It also included incidents where the respondent’s email or social media accounts had been hacked.

    American Health Insurer Anthem was at the heart of another terror story earlier this year when a breach was revealed and a horrific 80 millions records were exposed.   Investigators believe the hackers penetrated the system by compromising staff log-on credentials, possibly as a result of a ‘phishing’ scheme. The stolen data was not encrypted and it was feared that the highly valuable information, which included dates of birth, Social Security numbers and income data, would be sold on the black market and used for identity theft.

    Frightening statistic four: Cyber criminals are increasingly using social engineering tactics to target businesses.  According to the Verizon 2015 Data Breach Investigations Report, 23% of recipients open phishing e-mails which attempt to acquire sensitive information, for example, usernames, passwords and financial information.  11% click on attachments.

    We all need to work hard in the freaky fight against cyber crime and to stay safe from the zombies, monsters and demons on the internet.  Understand your cyber risks and please don’t fall victim to any cyber tricks this Halloween, there are definitely no treats.  However, just in case you do get spooked, it’s important to make sure you have ghostbusting incident response plan in place…

    Post has no comments.
    Post a Comment

    Captcha Image

    Back to News