Skip to main content

DS Risk Warning: Cyber Critical Update

By

 

Critical Update



With thanks to our NPs the S W Cyber Resilience Centre, we bring you their updated advice. Please pay close attention to it, regardless that it flows from the attacks on the retail sector. The approach taken can be applied anywhere!


The National Cyber Security Centre (NCSC) has issued a critical warning following a wave of cyber attacks on major UK retailers including M&S, Co-op and Harrods. These incidents appear to involve criminals impersonating IT help desks to trick staff into revealing login credentials, a technique known as social engineering.

 

We’re issuing this urgent message to all SWCRC members to raise awareness and encourage immediate action.

 

What’s happening?

 

A group calling itself DragonForce has contacted the BBC to claim responsibility for recent breaches. Their tactics include:

       •     Phoning IT staff pretending to be locked-out employees

      •     Calling or messaging staff pretending to be from internal IT help desks

      •     Using fluent English and credible scenarios to gain trust

 

The NCSC believes these attacks resemble those carried out by the notorious “Scattered Spider” group, known for targeting senior staff to gain access to sensitive systems.

 

What should you do now?

 

We recommend the following immediate steps: 

🔐 Review your password reset procedures, especially for senior roles

📞 Introduce internal codewords or other identity checks for staff requesting credential changes

🧠 Reinforce awareness among staff of social engineering tactics

📊 Monitor for unusual login activity, such as logins at odd times or from unexpected locations

 

Further official advice is available here: NCSC Guidance

 

This is a timely reminder that no organisation is too small to be a target – simple procedural improvements can make a huge difference in resilience.


The Cyber Resilience Centre for the South West is excited to be working in partnership with you and your organisation to make the South West region a safer place to live, work and do business.



Comments

Post a Comment

Popular posts from this blog

DS Risk Warning: 28 March: Extinction Rebellion Demonstration ‘Sound the Alarms’ 10 - 4 pm

By
Hello all, Avon and Somerset Police have informed us of an ‘organised civil disobedience’ event that may take place today, Thursday 28th March, whereby members of Extinction Rebellion and possibly sympathisers are proposing to set off multiple [fire] alarms.  There is no known information on which buildings/when but the assumption is that they will target schools, institutions and public buildings. The Bristol Director Education and Skills has shared this scant information with Bristol schools and nothing more. We haven't heard that it has been distributed more widely so we do so just in case to our Agreement/SLA customers. Fire doesn't give notice of where and when it will occur so our best advice, unless you have a delay on the system that allows checking the status of the issue before the alarm sounders go live, is to take any activation seriously and evacuate. If it turns out to be a hoax, false activation, etc, why not log it as an alternative to your t...
Post a Comment
Read more

Delegated Services Risk Warning: Weather; Snow and Ice

By
Hello all, I have just watched the local forecast with interest and await the Met Office web site catching up with it! What was said/shown has been updated with elements of more significance. It appears that there is now potential for snow showers to start across our patch from lunchtime but without major impact. As the afternoon goes on the showers look to then merge into longer spells of snow, which then in the evening becomes persistent somewhere along the M4 ish, and to the north of it before lessening off past midnight. NB: Accumulations estimates vary significantly from the light dusting to perhaps up to 8 cm with elevation. Timings are also in flux so we are advised to check again for updates on a regular basis. I will do this and keep you posted. On this basis a prompt get away at the end of the pupil day for all would look to be appropriate. At the moment I stick with 'curtain time' early Friday morning to see whether it's business as close to normal and on a...
Post a Comment
Read more

Delegated Services Risk Warning: Weather; Wind - Storm Darragh

By
  The Met Office have upgraded the warning for tomorrow as follows: Red weather warning issued  Strong and damaging winds across parts of Wales and southwest England  Saturday 0300 – 1100 Our advice changes in such circumstances to, do all you can today, but any checking approach during the day tomorrow should only be considered in extremis in the red zone and very carefully indeed risk assessed. Beware too the boundaries are changing of the zones, as more data comes in. Checks may need to wait until Sunday. NB: Many are postponing anything planned for tomorrow to allow safety at home in the red zone and extreme caution in the amber. This needs to apply to your sites. We aren't aware from our systems, at present, of any education visit/DofE activities, but obviously these need to be reconsidered. Met Office Chief Forecaster, Jason Kelly, said:  “The worst impacts from Storm Darragh will be felt as we go through the early hours of tomorrow morning and throughout Satur...
Post a Comment
Read more