January 2020: Cyber Security Round Up
With a new decade, comes new risks. The first month of 2020 was particularly busy in the world of cyber security with Huawei deals and targeted ransomware taking the lead.
Read more about the latest cyber security news from January below:
UK Government permits limited use of Huawei Network Appliances
After many months of uncertainty (not just with Brexit) the UK Government permitted ‘limited use’ of the Chinese Telecoms giant’s network appliances to assist with the UK’s new 5G infrastructure. On a political front, the UK Government is trying it’s hardest to safeguard some large trade deals with China and the United States therefore didn’t want to risk posing outright ban on Huawei’s involvement. Although there have been concerns over security, Huawei’s role is going to be restricted to protect the UK’s critical national infrastructure.
Travelex brought to halt after major ransomware attack
At the start of the year, ransomware made the news once more as it brought foreign exchange company, Travelex to a halt. The major ransomware attack impacted all of their services including UK websites, mobile apps and other white-labelled services. Known as Sodinokibi, the attack was considered to be that extreme that staff had to result to using pen and paper to calculate exchange rates. Travelex reported that no customer data had been breached however its systems remained offline for two weeks after the incident was reported.
London based consultants hacked
A marine consultancy company located in London also fell victim to cyber crime in January. LOC unfortunately had their systems hacked and were held to ransom by cyber criminals. It was reported that the company’s computers were locked and 300GB of data were stolen by a criminal group and investigations on this hack are still ongoing.
Cyber-attacks hit unprecedented highs
According to Government documentation obtained by Sky News, cyber attacks against the UK defence industry hit unprecedented highs. It was revealed that the MoD and its partners failed to protect military and defence data across 37 incidents in 2017and 34 incidents in the first 10 month of 2018. It was also revealed that military data was exposed to national-level cyber actors on dozens of occasions.
World Economic Forum outed airport cyber security
The majority of the world’s airport cyber security is not up to the highest of standards. According a recent study from the World Economic Forum (WEF), 97 of the world’s 100 largest airports have vulnerable web and mobile applications. The findings showed that 97% of websites contained outdated web services, 24% of the websites contained known and exploitable vulnerabilities and 76% of the websites were not GDPR compliant.
Microsoft Updates and Patches
January was a fairly busy month for Microsoft updates and patches. The NSA revealed a critical flaw in Windows 10 for which a patch was released and the month also saw the end of the support and security for Windows 7 and Windows Server 2008.