Last month it emerged that critical healthcare institutions were being targeted by cyber-criminals, demonstrating that the COVID-19 pandemic had done little to stem cyber security-related threats, and if anything was actually offering more opportunities for would-be hackers. This past week has seen a spate of cyber-attacks occurring throughout the UK, with targets ranging from supermarket giant Aldi to Elexon, so now is clearly the time to be even more vigilant…
On Saturday, the Manchester Evening News informed its readers that a statement had been issued to Aldi shoppers warning them about a scam designed to steal personal details. In exchange for providing their email, WhatsApp, Facebook, or Twitter information, they were promised a web link where they could claim free shopping vouchers worth £250. No such promotion was being run by Aldi, with their spokesman urging people to be wary of this type of activity. The experts at CRIBB Cyber Security, part of theICEway ecosystem of companies, couldn’t agree more; upon hearing about the incident, our very own Patrick Carolan had this to say:
“You have always got to be very cautious whenever a voucher or money is offered to you in exchange for your personal data, no matter what the source. There are some signs that you can watch out for such as poor grammar and mistakes with spelling and punctuation in such communications, but above all else, it is highly unlikely in the first place that a supermarket would ask you for detailed personal information with them.”
On Friday 15th May, Forbes featured a story about a cyber-attack on Elexon that fortunately failed to have an impact beyond their internal IT systems. A core part of the energy supply market here in the UK, Elexon oversees extremely high-value transactions between the electricity providers and power station operators, so it is easy to see why they would be targeted.
Further details on the attack were unavailable at the time of writing but a Tweet by Elexon on Thursday 14th May confirmed that they were unable to send or receive emails, whilst a subsequent bulletin revealed that only their systems and laptops had been affected.
Once again we asked Patrick for his thoughts and he was sombre about the matter:
“The Elexon attack is more proof that critical infrastructure is a very attractive target for hackers. There isn’t a huge amount of information about this incident yet but I hope it isn’t ransomware because if it is, the company could have a long road to recovery."
CRIBB Cyber Security has provided end-to-end cyber resilience for clients in healthcare, cruise, travel, and retail for more than 20 years. Our expert team adopts a ‘Security by Design’ approach wherever possible, but we are aware of the fact that a reactive stance is sometimes required. That is why we have put together a wide range of products and services that are all designed to help boost cyber resilience – no matter what your current situation.
We are very proud to state that we have successfully guided 100% of our clients into compliance.
BE CAREFUL – BE DEFENSIVE – BE COMPLIANT – BE SECURE
COVID-19 – Caused by Coronavirus, this is a new illness that affects the lungs and airways
Elexon – Otherwise known as the company that facilitates payments on the electricity market here
Security by Design – A concept where something is designed from the foundation to be secure
As Patrick stated above, there are tell-tale signs to look out for if you suspect that there might be a scam afoot; always exercise caution whenever you are asked for your personal information. Always check for spelling mistakes, poor grammar, even the way you are addressed within a communication. From the outset, take a step back before you act, and ask yourself whether or not the request seems genuine – for example, would a supermarket really offer £250 to all of its customers?