March’s cyber security roundup looks at a new phishing tactic hackers are using, the UK NCSC’s updated guidance on the use of Russian tech, the unfortunate news of a charity being the target of a sophisticated cyber-attack, and a case study feature from our security partners illume, of how they helped a top 150 UK law firm remain secure.
Attackers Utilising Azure To Host Phishing Pages
It has been observed that malicious attackers are now hosting phishing landing pages on Microsoft’s cloud service, Azure. The attackers are piggybacking on the trusted domain that the sites are hosted on (1.azurestaticapps.net) and the TLS certificate.
Upon inspecting the certificate on the malicious site, it is, in fact, issued by Microsoft Azure – adding another layer of false legitimacy to the phishing page. Unfortunately, attacks like this are making it harder to identify what is legitimate.
Our advice is always to check the URL closely. If you aren’t expecting it, then there’s a high possibility it is malicious. As always, if you have any doubts, pick up the phone or email someone to double-check.
Scottish Mental Health Charity Disrupted By Sophisticated Cyber-attack
SAHM, the Scottish Association for Mental Health, reported that they had been victims of a sophisticated cyber-attack. The attack disrupted their network and left staff unable to access emails locally and nationally.
The attack also disrupted the phone lines. Billy Watson, the Chief Executive of SAHM, said, “We are devastated by this attack. It is difficult to understand why anyone would deliberately try to disrupt the work of an organisation that is relied on by people at their most vulnerable.”
While the attack details are currently unknown, all charities & businesses, as a minimum, should have a process in place for regularly testing their systems to identify any weaknesses.
NCSC Updated Advice Regarding Use Of Russian Technology Products & Services
The NCSC has recently reported the dangers to UK businesses using Russian technology, stating that they currently have no evidence to suggest that the Russian state intends to leverage Russian commercial products and services.
However, “Russian law already contains legal obligations on companies to assist the Russian Federal Security Service (FSB), and the pressure to do so may increase in a time of war.” said Levy.
Specific concerns have been raised regarding the Russian anti-virus vendor Kaspersky due to the nature of their business and its origin. The NCSC has provided specific advice for companies and individuals who are currently using Kaspersky.
You can read the full article by Ian Levy, NCSC’s technical director, here: https://www.ncsc.gov.uk/blog-post/use-of-russian-technology-products-services-following-invasion-ukraine
Illume Help A Top-150 UK Law Firm Remain Secure.
Law firms are a top target for cybercrime. The SRA published a review that identified 73% of firms had reported an incident, and an additional seven significant incidents had not been reported. Given the fact that law firms are a top target for hackers, illume was appointed to conduct an external penetration test on a top 150 UK law firm to assist in bolstering their cyber security defences.
Access the case study here: https://illumesecurity.co.uk/illumes-penetration-testing-helps-a-top-150-uk-law-firm-remain-secure/
From anti-malware, anti-phishing, SEO poisoning, and 2FA to SASE and cloud-based air-gap immutable backup storage, Securus has a security solution to suit your requirement and budget. If you would like to discuss your network security requirements in more detail with one of our cyber security professionals, please don’t hesitate to get in touch.