Sunderland University IT systems down in possible cyber attack

Sunderland University has been hit by "extensive IT disruption" which has "all the hallmarks of a cyber-attack." Newcastle and Northumbria Universities were targeted by hackers in September last year as the National Cyber Security Centre warned of a spike in attacks on educational institutions. All online lectures due to operate through the university's systems were cancelled. Sunderland University said students were being encouraged to come onto its campuses where face-to-face teaching was continuing.
NCSC CEO: Ransomware the “Most Immediate Threat” Facing UK Businesses

NCSC CEO Lindy Cameron has warned UK businesses that ransomware “is the most immediate cyber threat” they face during her speech at Chatham House’s Cyber Conference. In this speech, she highlighted some of the most damaging attacks of the last year including the one on Ireland's Health Service Executive, Hackney Borough Council and the US colonial pipeline. Cameron describes wanting to see organisations take cyber security more seriously as many “have no incident response plans, or ever test their cyber defences.”, which needs to change as the NCSC expects ransomware attacks to continue growing for the foreseeable future. Another reason for the continued use of ransomware is that organisations either remain vulnerable or continue to pay the ransoms, Cameron warned that “paying ransoms emboldens these criminal groups – and it also does not guarantee your data will be returned intact, or indeed returned at all.”

Watch NCSC CEO Lindy Cameron's Speech Here 
Money Mules: Fresher’s Week

As part of fresher’s week at universities and colleges across Warwickshire, the Warwickshire Police Cyber Crime Unit attended to speak with students about the latest cyber security advice for their year ahead. Whilst they were running their popup stand in usual fashion handing out advice packs to students, behind the scenes something else was planned. The team utilised posters from UK Finance and CIFAS to capture the attention and intrigue of students, these posters were displayed covertly in areas of high foot traffic, the posters had a QR code added to them. The QR Code links to the “Don’t Be Fooled” money mules campaign advising students on the dangers of transferring money/selling bank account details to criminals. In total, the poster’s QR Codes were scanned an impressive 1,431 times across the month of September.
In Other News

Dutch police warn DDoS-for-hire customers to desist or face prosecution

Crypto Romance Scam Drains $1.4M

Password-Stealing Attacks Surge 45% in Six Months

New "Yanluowang" Ransomware Variant Discovered

Russian cybercrime gang targets finance firms with stealthy macros

Google warns of surge in activity by state-backed hackers

Governments worldwide to crack down on ransomware payment channels

Retail Cyber Security Tips

With the arrival of the RCCU focus on Retail Week, in line with National Cyber Security Awareness Month, we believed it would be appropriate to base this week’s cyber protect tips around the steps that retail businesses/organisations can take to ensure online safety and security.

The importance of cyber protection is incredibly underrated in many aspects of businesses and within different organisations. It is important to understand that regarding cyber, a business is only as strong as their weakest link. Saying this, here are some important procedures to follow, which can ensure the best cyber security for a business and the employees of that business.

Steps to take to ensure data is correctly backed up and stored businesses and organisations.

1. Your first step is to identify your essential data. To define “essential data”: The information that your business couldn't function without. Normally this will comprise documents, photos, emails, contacts, and calendars etc.

2. Whether it's on a USB stick, on a separate drive or computer, access to data backups should be restricted so that they:

     a.      Cannot be accessed by staff

     b.      Are not permanently connected to the device holding the original data - This is because Ransomware (and other malware) can often move to attached storage automatically, which means any such backup could also be infected, leaving you with no backup to recover from.

3.  You've probably already used cloud storage during your everyday work and personal life without even knowing - unless you're running your own email server, your emails are already stored 'in the cloud'. Using cloud storage (where a service provider stores your data on their infrastructure) means your data is physically separate from your location.

4.  We know that backing up is not a very interesting thing to do (and there will always be more important tasks that you feel should take priority), but the majority of network or cloud storage solutions now allow you to make backups automatically. For instance, when new files of a certain type are saved to specified folders. Using automated backups not only saves time, but also ensures that you have the latest version of your files should you need them.

More information

Click here for more information regarding data backup and cloud security. The NCSC provide a detailed account of the things to understand and consider when making a decision regarding backing up data.

Google pulls ads for "stalkerware" apps from Play Store

Adverts that have been promoting the use of “stalkerware” applications have been pulled by Google, due the violation of Google policies. The applications original intentions were for parents to install the “stalkerware” app on their children’s mobile phones without the child’s knowledge or permission. By doing this, the parents can view messages sent you the child, apps, photos etc, under the guise of protecting their child from online predators.
US nuke sub plans leaked on SD card hidden in peanut butter sandwich, claims FBI

A court filing and announcement allege that a man named Jonathan Toebbe, an employee of the Department of the Navy who served as a nuclear engineer, contacted a foreign power and offered to sell "Restricted Data concerning the design of a nuclear-powered warship". The letter included some US Navy documents and instructions on how to establish a secure channel between a foreign nation and Toebbe.
Ransomware: Even when the hackers are in your network, it might not be too late

If cyber criminals are already inside the network, it's not necessarily too late to prevent a ransomware attack.  If an organisation has a good threat-hunting strategy, they can detect strange or suspicious activity and counter the threat before ransomware becomes a major problem.  That's because criminals can spend weeks in the network before triggering a ransomware attack. This article discusses the steps to take to be prepared for such events.
This malware botnet gang has stolen millions with a surprisingly simple trick

MyKings, a long-running botnet also known as Smominru and Hexmen, has raked in at least $24.7 million by using its network of compromised computers to mine for cryptocurrencies. The world's largest botnet gained attention in 2017 after infecting more than half a million Windows computers to mine about $2.3 million of Monero in a month.

The group is said to have made most of it's money through its 'clipboard stealer module.' When it detects that someone has copied a cryptocurrency wallet address (for example to make a payment) this module then swaps in a different cryptocurrency address controlled by the gang. 

What can we offer you?
Click here to subscribe to the Cyber Crime Sentinel Newsletter!
Get in Touch

UK Education and Childcare Sector Alert and Resources

The National Cyber Security Centre has released the following guidance to schools - Cyber Security for Schools.  This page houses free resources for everyone working with schools. The education sector has recently been affected by a number of cyber incidents. 

Alert: Further targeted ransomware attacks on the UK education sector by cyber criminals

Support for UK education sector after growth in cyber attacks

New NCSC guidance aimed at the UK Early Years education and Childcare sector
The new guidance, produced in association with key stakeholders in the Early Years sector, will help organisations protect the growing amounts of sensitive information held on children and their families, from both accidental damage or from online criminals.

Keeping children safe in education 2021

Please get in touch with us if you'd like to know more about the free education sector cyber protection support services we provide. 

If you think you may have been the victim of fraud or cybercrime and incurred a financial loss or have been hacked as a result of responding to a phishing message, you should report this to Action Fraud 

Spotted a suspicious email? If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS):

Alternatively you can call 0300 123 2040
to report and obtain advice about fraud or cyber crime
Our lives are relying on technology more every day. Join us each week for your bitesize cybersecurity podcast. In this increasingly technical world we deliver non-technical cyber news, and identify the current threats we’re facing.
The West Midlands Regional Cyber Crime Unit will be taking part in this years Cyber Fringe Festival on the 23-27th November 2021. Get your free delegate pass today!

On the fringe of Cyber & Security: 5 days of Strategic, Operational and Technical sessions, covering: Cyber industry, Defence & Emergency services, Diversity, Government, Acceleration, and Skills.


The WMCRC work with local Universities and Police forces in Staffordshire, West Midlands, West Mercia and Warwickshire to provide you access to the latest information on emerging cyber threats, criminal trends and best practice to protect your business.
Apple Podcast
Copyright © 2021 West Midlands Regional Cyber Crime Unit, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp