Throughout 2020 we have seen different types of ransomware utilising various attack methods and operational techniques to infiltrate networks. The types seen include: RYUK, Ouroboros, Cryakl, rEvil, Mapo and Corona-lock. One common initial infection vector has been malware such as TrickBot (commonly seen within a triple threat vector alongside Emotet and RYUK). While infection via […]
Electronic signatures, or e-signatures, are a means of signing documents in the same way that documents and agreements are signed using a written signature on hardcopy documents. Electronic signatures can come in any form that the parties to a contract agree on, but in general fall into three distinct categories. Simple e-signatures These are direct […]
The Janet Computer Security Incident Response Team (CSIRT) would like to bring to your attention some recent reports in relation to Online Video Conferencing Platforms we have seen. Due to the restrictions related to Covid-19, the use of online video conferencing has seen a significant increase and understandably, organisations are trying to facilitate as many […]
Shortly after the recent attacks on TalkTalk the Culture, Media and Sport Committee decided to hold an inquiry into the circumstances surrounding the data breach, but also the wider implications for telecoms and internet service providers. This raised a number of issues around the premature speculation around the causes of the incident, cybersecurity within the telecoms industry, and the […]
In the week since the TalkTalk breach there’s been commentary on encryption of data, particularly with their CEO’s comments that they were not legally required to encrypt data. Of course encrypting the storage of data at rest is a common sense control against a range of threats such as physical theft or loss of the […]
A brief post this time on my thoughts as to how best integrate certification to the Government’s Cyber Essentials scheme into an ISO 27001 ISMS. I’m going to intentionally stay away from how to achieve certification to Cyber Essentials, and just focus on how it might sit within your ISMS. Assuming that you’ve identified a good business […]