These attacks need to be a wake-up call for every business in the UK,” Pat McFadden, chancellor of the Duchy of Lancaster, said.
Recent cyber-attacks and attempted hacks at some of the UK’s biggest retailers – Marks and Spencer’s, Co-op, and Harrods – have sparked a government response as fears mount across the retail sector.
The cyber-attacks all took place within a matter of days, impacting internal IT systems, and in the case of Co-op, even potentially affecting customer data, the BBC reported.
The UK’s National Cyber Security Centre is working with affected organizations to better understand the nature of the attacks, which left M&S with empty shelves and impacted the integrity of Co-op Teams communications.
Currently, the NCSC cannot say if these attacks are linked or part of a targeted campaign, but noted speculations that the M&S attack was proliferated by cyber-crime group Scattered Spider, and that remote access could have been gained over social engineering tactics.
Pat McFadden, chancellor of the Duchy of Lancaster, will set out action the government is taking to improve cybersecurity in a speech this week.
McFadden will call these attacks a “wake-up call for every business in the UK.
“In a world where the cyber-criminals targeting us are relentless in their pursuit of profit – with attempts being made every hour of every day – companies must treat cybersecurity as an absolute priority.
“We’ve watched in real-time the disruption these attacks have caused – including to working families going about their everyday lives. It serves as a powerful reminder that just as you would never leave your car or your house unlocked on your way to work. We have to treat our digital shop fronts the same way.”
The NCSC is urging leaders to follow the advice on the NCSC website to ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively.
These include back-t0-basics measures ranging from multi-factor authentication, enhanced monitoring against unauthorised account misuse and domains, reviewing passwords, advanced identifying systems, and better threat management tactics.
McFadden will also lay out how the government is aiming to enhance the UK’s cyber protections.
“We’re modernising the way the state approaches cyber, through the Cyber Security and Resilience Bill. That legislation will bolster our national defences,” McFadden will say.
“It will grant new powers for the Technology Secretary to direct regulated organisations to reinforce their cyber defences It will require over 1,000 private IT providers to improve their data and network security.
“It will require companies to report a wider array of cyber incidents to the NCSC in the future – to help us build a clearer picture of who, and what, hostile actors are targeting.”
While the NCSC says they have provided specific guidance to the retail sector, the centre “beleive[s] by following best practice, all companies and organisations can minimise the chances of falling victim to actors like this.”
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
Source: https://www.digit.fyi/cyber-attacks-a-wake-up-call-to-retail-sector/
In what security experts are describing as a “distributed crisis,” a staggering 90% of cybersecurity and IT leaders worldwide reported experiencing cyberattacks targeting their cloud environments within the past year.
This alarming statistic emerges from comprehensive research conducted across ten countries, highlighting the increasing vulnerability of organizations as they transition from on-premises systems to hybrid cloud infrastructures.
The study, which surveyed more than 1,600 IT and security leaders, reveals that despite increased investment in cloud security, threat actors continue to find success in breaching these environments.
The nature of cloud-targeted attacks has evolved dramatically, with adversaries shifting away from traditional malware-based approaches toward more sophisticated identity-based intrusion methods.
According to the research, malware-free activity now accounts for 79% of all detected intrusions, a significant increase from just 40% in 2019.
This paradigm shift reflects attackers’ adaptation to modern enterprise environments, where they increasingly exploit valid credentials, engage in hands-on-keyboard intrusions, and deploy social engineering tactics to bypass conventional security measures.
The impact of these breaches has been severe, with 86% of organizations that experienced ransomware attacks ultimately paying the demanded ransom to recover their data or halt the attack.
Even more concerning, 74% of victims reported that attackers were able to harm backup and recovery options, effectively eliminating safety nets designed to mitigate such incidents.
Rubrik Zero Labs researchers identified a particularly troubling trend in their analysis: the dramatic reduction in “breakout time” – the period between initial compromise and lateral movement across systems.
“In 2024, the average breakout time for interactive eCrime intrusions fell to 48 minutes, down from 62 minutes in 2023,” noted security analysts.
“Alarmingly, the fastest breakout was recorded at just 51 seconds, meaning defenders may have less than a minute to detect and respond before attackers establish deeper control”.
The Rise of Identity-Based Attack Vectors
The report provides detailed insight into how identity-based attacks have become the preferred method for cloud environment infiltration.
Rather than breaking in through security vulnerabilities, attackers are simply logging in using compromised credentials.
This approach proves particularly effective in cloud and SaaS environments where traditional perimeter defenses offer limited protection.
Valid account abuse was responsible for 35% of cloud-related incidents, reflecting attackers’ growing focus on identity compromise as a gateway to broader enterprise environments.
Microsoft’s security telemetry supports this finding, revealing that they block over 600 million identity-based attacks daily.
These attacks typically begin with credential harvesting through phishing campaigns or purchase of stolen credentials from access brokers, whose activity surged by nearly 50% compared to the previous year.
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
Source: https://cybersecuritynews.com/cybersecurity-leaders-encountered-cyberattacks/
China accused the United States National Security Agency (NSA) on Tuesday of launching “advanced” cyberattacks during the Asian Winter Games in February, targeting essential industries.
Police in the northeastern city of Harbin said three alleged NSA agents to a wanted list and also accused the University of California and Virginia Tech of being involved in the attacks after carrying out investigations, according to a report by state news agency Xinhua on Tuesday.
The NSA agents were identified by Xinhua as Katheryn A. Wilson, Robert J. Snelling and Stephen W. Johnson. The three were also found to have “repeatedly carried out cyber attacks on China’s critical information infrastructure and participated in cyber attacks on Huawei and other enterprises.”
It did not specify how the two American universities were involved.
Stay updated with SOC News for cutting-edge security innovations and expert industry insights!
