We’re now past the halfway mark in November and so then it is time for one of our regular features: Cyber security news Oct 2021. Today we’ll look at the UK National Cyber Force and phishing attempts against YouTube users. Then we’ll hear about another high-profile ransomware attack. You can read our last news round-up here and use the social buttons below to sign up for regular CRIBB updates.

UK National Cyber Force to be based in Lancashire

This BBC story was published at the start of October on the NCF’s Samlesbury location. The cyber-attack agency aims to counter threats from criminals, terrorists and hostile states and will receive +£5 billion of investment before 2030.

YouTubers subjected to Phishing campaign

This story emerged on Cyware Social in late October. YouTube creators are being targeted by phishing attempts designed to trick them into making fake collaborations. A group of hired hackers are carrying out the attacks and have been since 2019, with Google recently identifying around 15,000 fake accounts being used.

Exclusive jeweller’s hit by huge cyber-attack

This story from the Daily Mail is on a cyber heist against Graff, a jeweller to the stars – including such high-profile names as Oprah and David Beckham. A gang of Russian hackers named Conti stole the personal details of world leaders, actors and tycoons. It is thought that they are demanding millions in return for not releasing any more sensitive information. Almost 70,000 documents have been leaked onto the dark web concerning 11,000 of Graff’s clients – and that represents just 1% of what was stolen, according to Conti. The ICO is currently investigating the data breach, with those affected including a host of recognisable names:

  • Donald Trump
  • David Beckham
  • Sir Philip Green
  • Oprah Winfrey
  • Tamara Ecclestone
  • Frank Lampard
  • Tom Hanks
  • Samuel L Jackson
  • Alec Baldwin
  • Tony Bennett
  • Ghisaline Maxwell

How to prevent ransomware

  • Back up important data and then store it securely
  • Ensure that your IT Security team have an incident response plan in place, then run regular simulations
  • Review port settings for both on-premises and cloud environments
  • Implement secure, robust configuration settings
  • Keep all systems updated
  • Develop a dedicated training programme, then hold regular sessions for the whole team

And finally…

International Fraud Awareness Week (14-20 Nov)

Also known as ‘fraud week’, this was launched last year by the Association of certified fraud examiners (ACFE). In the month of November, organisations around the world aim to increase fraud awareness. You can find out more by watching this series of explainer videos. So what then does fraud week accomplish? Quite simply, it gets people talking and thinking about fraud and then raises awareness. As we saw in October with National Cyber Security awareness month, this is a critical factor in developing resilience.

That is all for cyber security news Oct 2021 then. Did we miss anything out that was worthy of a mention? Leave your comments below and we hope you look forward to the next news round-up!