Janet Broadband Policy Watch

Last updated: 
4 days 23 hours ago
Blog Manager
Log in to request membershipHide blog description
This blog monitors and reports on broadband policy and marketplace developments in the UK, Europe and worldwide that are likely to be of interest to the Janet community. Posts here may also reference my Broadband Policy Watch blog and you can also find me on Twitter.

Group administrators:

Recent members:

Cyber security news roundup September 2017

Tuesday, October 10, 2017 - 12:24

Policy developments:

European Commission President Jean-Claude Juncker delivered his 2017 State of the Union Address, which included a number of new cyber security proposals including the establishment of a new European Cybersecurity Agency to assist Member States in dealing with cyber-attacks and a new European certification scheme to ensure that products and services are cyber secure. The new agency will build on the existing European Agency for Network and Information Security (ENISA), which this month published results from a survey on approaches to Implementing ICT security certification across the EU.

Research & analysis:

Phishing defence firm Phishme published new reports exploring UK and US trends in responding to phishing attacks: businesses are being  flooded with suspicious emails targeting employees but are ill-prepared to process and respond to those threats. Most organisations feel they have little, if any, expertise in anti-phishing and many feel their incident response processes are weak.

PhishLabs published its Q2 2017 Phishing Trends & Intelligence Report. A 41% increase in phishing volume was observed with  shifts in the industries that are being targeted: nearly 88% of attacks in the second quarter targeted five industries: financial institutions, webmail/online services, payment services, cloud storage/file hosting services, and e-commerce companies.

The Ponemon Institute published The Value of Threat Intelligence, its second annual study of over a thousand North American and UK companies, sponsored by Anomali. Eighty percent of North American respondents are now using threat intelligence (up from 65% in 2016), with 84% of participants agreeing that threat intelligence is “essential to a strong security posture.”

Verisign published its Q2 2017 DDoS Trends report: 25% of attacks in Q2 2017 peaked over 5Gbit/s; however, the average peak attack size decreased 81% compared to the previous quarter. The number of attacks also decreased since Q1 2017. Seventy-four percent of attacks used multiple attack types.

McAfee reported that Avril Lavigne is the 2017 McAfee Most Dangerous Celebrity; McAfee’s research reveals which celebrities generate the riskiest search results that could potentially expose their fans to malicious websites. Searching for “Avril Lavigne free mp3” results in a 22% chance of landing on a malicious website. The study also identified that Craig David is the most dangerous celebrity to search for in the UK.

Attacks and threats:

The Times published findings from freedom of information requests which showed that there were more than 1,152 intrusions into UK university networks in 2016-17, targeting research information and personal data (also see coverage from BBC News, the International Business Times, IT Pro and Silicon.

Popular PC maintenance tool CCleaner was found to have been compromised to deliver malware; also see analysis from Talos.

BBC News reported on data breaches suffered by Equifax (also see advisories from the UK National Cyber Security Centre and US-CERT) and Deloitte (also see a statement from the UK NCSC).

  • Twitter logo
  • LinkedIn logo
  • Google+ logo
  • Reddit logo
  • StumbleUpon logo