Ministers Face Scams, Conduent Data Breached, Uk Faces Threats
Hello people! Another week, and another dose of cyber news, curated just for you! Hope you all have been safe from the malicious attempts of threat actors.
This week, we will talk about the recent X account hacking case of a minister in the UK. Then we will discuss Conduent’s January data breach. Lastly, we will wind up the bulletin by discussing the UK’s cyber landscape.
Eager to know the details? Let’s get started then!
Even ministers are not safe from the prying eyes of cyber crooks- Crypto scam alert!
Lucy Powell, one of the UK government ministers, recently fell prey to a cyberattack. The attackers hacked her X account in order to promote the “House of Commons” cryptocurrency scam. The hacker published a string of posts from her X profile claiming the “$HCC” coin to be a “community-driven digital currency bringing people’s power to the blockchain.” It was on Tuesday that her X profile got hacked. Soon, authorities took quick steps to secure her account and retrieve it. Also, as a part of the mitigation strategy, those misleading posts have been deleted.
Lucy Powell is not the only public figure who became the target of cybercrooks. Even Nick Robinson, the renowned BBC journalist, was also targeted in a similar fashion recently.
This trick of taking over X accounts of public figures is quite common among cybercriminals. They leverage phishing emails to trick users into sharing their login credentials and other sensitive details. Once they have access to a profile, hackers quickly cook up posts around fake crypto coins. The ultimate goal behind such cyberattacks is to convince crypto enthusiasts to buy these seemingly valuable but otherwise worthless coins.
A two-step verification method, as well as a robust password, can keep your profiles secure to a great extent. Public figures, including ministers, can enhance their digital protection by combining strong security practices for social media with robust email authentication protocols like DMARC, SPF, and DKIM to prevent phishing and impersonation attempts
Conduent’s client data was compromised back in January!
The GovTech giant Conduent has finally given a confirmation regarding a client data breach. The cyberattack took place back in January. A B2B company, Conduent offers digital solutions and platforms to commercial as well as government clients across different sectors such as human resources, transportation, healthcare, and customer experience. With over 33K employees, Conduent offers its services to over 600 government and transportation agencies as well as half of the Fortune 100 companies.
Back in January, Conduent was targeted by threat actors, and customer operations were affected across all the US-based government agencies. It is only recently that Conduent filed a new Form 8-K with the SEC. In that, the GovTech giant has confirmed that the threat actors had managed to access client data. The company is working closely with cybersecurity data mining experts to analyze the exfiltrated data. The investigation is still going on to find out the precise details of the attack and the extent of damage to client data. Conduent is also keeping the impacted clients informed in compliance with federal and state law.
Conduent is assured that so far there has been no trace of the stolen client data being leaked on the dark web. There has been no material impact so far on Conduent because of the cyberattack. However, they have incurred expenses back in January because of the cyber incident.
Cyber threats lurking around the UK digital landscape!
The UK government has recently released a report that mentions the data breach risks lurking in the digital landscape. While 43% of small businesses are prone to cyberattacks in the UK, the percentage is quite high for medium (70%) and large businesses (74%). The survey report throws light on how different organizations, such as educational institutions, businesses, and charities, are coping with cyber threats. The report aims to bolster the UK cyberspace where businesses and other organizations can grow without any kind of threat or risk.
The report draws attention to the urgent need for a robust, foolproof cyber defense system in the UK. It serves as a staggering reminder of the gap between cybersecurity strategies and investment in security mechanisms. Experts have also highlighted the crucial role played by generative AI in boosting the number of ransomware and phishing attacks.
In order to tackle the sudden upsurge in ransomware attacks, companies must integrate a multi-layered cybersecurity system. It can be the perfect amalgamation of threat anticipation, relevant mitigation measures, detailed analysis, and other key factors.
The report suggests that phishing and ransomware attacks are getting sophisticated with every passing day, while targeting mid-size and large companies. It requires strict implementation of cyber hygiene, elaborate official guidance, and regular employee training sessions to secure the digital ecosystem in the UK. Transparent reporting, incident response capabilities, and regular audits of cybersecurity mechanisms can further help in securing the cyber landscape in the UK.
