The definitive UK cyber attacks and data breaches list
Breath a sigh of relief, only five reported cyber attacks and data breaches in the UK this month! Hey, hackers need to take a break too you know. And there were a LOT of bank holidays in May…….
The attack on ABB bears mentioning – an international manufacturing and automation giant for those not in the know – purely for who attacked them; the now infamous Black Basta ransomware group. Black Basta is a Ransomware as a Service (RaaS) group who practice double exploitation; that is they steal data to publish on the darkweb prior to encrypting, so even good backups won’t save you.
They use a fairly traditional initial attack vector, a spear phishing email with a link to download an encrypted zip. Once in, they will spread internally using RDP, network management tools, and malware executables.
Your best defence is to stop them gaining access to your network in the first place, so the classic pincer movement of good staff training and awareness on one flank and strong technical controls like file blocking or sandboxing on the other.
Once they are in, good detective and reactive controls will be critical. So some form of Extended Detection & Response (XDR) or Managed Detection & Response (MDR) will be critical in identifying the attack is taking place, and containing it before it becomes a critical incident.
Smaller businesses could do well to focus on the initial protective controls where you will see a better risk reduction for your cyber security spend if you cannot afford detective controls.
Good luck out there!
To find out how we collate this information, please follow this link.
Scroll down to see the full list of cyber attacks and data breaches.
Visit our cyber attacks and data breaches UK homepage for the full historical list.
Bob Nicolson | Head of Consultancy