CyberScotland Bulletin

The fifth annual Scottish Cyber Awards, hosted by Scottish Business Resilience Centre, recognised and celebrated stand-out individuals and organisations making a positive impact in Scotland’s cyber security sector.

We are delighted to announce that the Collaboration with Police Scotland Award was won by the Cyber Resilience Bulletin. Collaborating with Police Scotland and sharing threat intelligence with them over the past year was vital to getting the cyber resilience messaging out across Scotland. We would like to take this opportunity to thank our readers and we encourage you to continue to share the bulletin with others. You can see the full list of winners here.

NCSC Annual Review 2021

The National Cyber Security Centre have published their fifth Annual Review. It looks back at some of the key developments and highlights from the NCSC’s work between 1^st September 2020 and 31 August 2021. This year’s review has a focus on five distinct areas of cyber security with each chapter highlighting key achievements and developments. Read the 2021 Annual Review here.

NCSC Threat Report

The NCSC produces weekly threat reports drawn from recent open source reporting. View this week’s report here. It mentions a trend report analysing criminal activity revealed a 935% increase in the number of ‘double-extortion’ ransomware attacks compared to the same period in 2020. In this type of attack, the criminal will withhold data but also threaten to publish it as a way to force payment.

The NCSC’s Reporting Service

The NCSC is a UK Government organisation that has power to investigate and take down scam email addresses and website. As of November 2021, 127,000 individuals URLs linked to 68,000 scams were removed by the service.

You can help to play your part in protecting others by reporting suspicious activity online and help make the internet a safer place.

NHS Scam – Omicron variant phishing emails

Cyber criminals continue to exploit the pandemic as an opportunity. Criminals are sending out phishing emails about the new Omicron variant of COVID in an attempt to steal personal data and bank account details.

The email attempts to trick you into clicking on a link which takes you to a fraudulent website to apply for a ‘free Omicron testing kit’ from the NHS. Once the recipient opens the link to the email it asks for the recipient to upload their personal data including name, date of birth, address and email address and in some cases asks for a small fee to be paid. Similarly, a scam text message is circulating targeting young people to apply for a COVID Pass to help prove their vaccination status to enter public venues.

These personal details are what are required by the scammers to commit identity theft and fraud.

The NHS will never ask you to pay to receive a COVID19 vaccine or a copy of your vaccination status. Anyone receiving these messages via text or emails should report them to the authorities. If you are unsure about a message you receive in relation to COVID-19, hang up and call the NHS Scotland national helpline on 0800 030 8013.

• CyberScotland blog on Dealing with targeted phishing emails
• The NCSC have produced guidance on how to spot the most obvious signs of a scam. The guidance explains how to report phishing attempts, and how to protect yourself from scammers.

Make sure that Cyber Security is top of your Christmas list

Christmas holidays are a prime time for criminals to take advantage of. The CyberScotland Partnership have issued a cyber security reminder for public and private sector organisations to remain vigilant and take appropriate precautions to reduce their risk to ransomware and other cyber attacks leading up to and during the holiday season.

At this time of year, organisations will start to close and will be running with a heavily reduced staff count which can make organisations vulnerable. It’s important for staff to beware of phishing emails which try to trick you into clicking on links, are requesting you update bank account information or make invoice payments and requests.

Make sure you have taken all the necessary steps to secure your IT infrastructure ahead of time. From protecting your website, safeguarding your customer details to training your staff it’s time to take a closer look at your organisation’s cyber security.

Take the time now to review your business continuity plan and know where you can seek advice and support should you need it. Read our blog for further advice and support.

New app to support Scottish Businesses

A new app was launched by the Scottish Business Resilience Centre (SBRC), with support from Scottish Government, to help Scottish businesses stay safe on and offline.

The app will provide targeted notifications on subjects such as cyber threats, traffic and protestor activity amongst others. These will be coded into red, amber and green levels of priority to better inform businesses and allow them to distinguish which alerts will require immediate action and those that will require monitoring.

These notifications through the app will be provided from organisations including Police Scotland, Scottish Fire and Rescue Service, the Scottish Government and the CyberScotland Partnership.

Users will also have quick access to SBRC’s Cyber Incident Response Helpline, which can support organisations who believe they may have fallen victim to a cyber attack and need urgent advice.

The app is available to download from the Android and Apple app stores.

Trading Standards

Other scams to be aware of are identified in the latest’s Trading Standards Scotland Scam Share newsletter. You can sign up for the weekly newsletter here. Check out their #ScamShare Spotlight PDFs focusing on frequently reported email, phone, text and cyber scams in Scotland.

NCSC, Small Organisations Newsletter – Coffee Break Cyber

This SME Newsletter aims to break down cyber related issues into bitesize learning which can be read in your coffee break. The NCSC want to provide you and your business with the advice and tools to minimise the risk of a cyber-attack. Each month will cover a different topic and will offer advice and links to further information. Sign up for the NCSC newsletter

Testing your organisation’s resilience to cyber-attacks with cyber exercises

Scottish Business Resilience Centre (SBRC) will be giving organisations more opportunities to partake in cyber exercising sessions in 2022.

‘Exercise in a Box’ is a FREE, 90-minute non-technical workshop which will help organisations and charities find out how resilient they are to cyber attacks and practise their response in a safe environment. Currently, SBRC’s Exercise in a Box sessions offer three scenarios, ‘Working from Home’, ‘Digital Supply Chain’ and ‘Ransomware’.

Available from the 8^th December, SBRC now offer ‘Micro Exercise’ sessions which combines aspects of each of these with additional, broader cyber security learnings to ensure all organisations, regardless of their sector or level of cyber knowledge, can benefit. Micro Exercise in a Box workshops will discuss some of the basics of good cyber housekeeping. These sessions are free, do not require any technical knowledge, and are open to public, private and the third sector. The next session will take place on the 25th January.

For more information about these opportunities and to see upcoming dates visit  SBRC’s website.

Cyber Exercising Taster Sessions (Public sector) 26 January, 10am – 11am

If you have an understanding of exercising and want to take the next step after Exercise in a Box, then this session is for you.

This taster session will demonstrate how SBRC can help you with free custom cyber exercising. The cyber exercising events will showcase how they can help public sector entities prepare for a cyber incident, increase your digital resilience and minimise the impact of digital threats by using realistic simulations and scenario-based exercises. This session is aimed at public sector organisations, with opportunities for both private and third sector events in the coming months. Register Here

NCSC Engagement Digital Loft, Public Sector, 17 December, 12pm – 1.30pm

The NCSC is the UK’s technical authority on cyber security.

This virtual event will offer innovative guidance, discuss topical cyber issues and outline new tools. It will include two presentations which will be followed by a Q&A, an opportunity for you to ask the experts about their topic of choice.  Register here

Each issue, we aim to bring you real-life examples of scams, phishing emails and redacted case studies. If you have had an issue and would like to share your experience and what you have learned with others, please contact us to discuss:  CyberFeedback@gov.scot We are happy to anonymise case studies.

Computer Software Service Fraud

Fraudsters are cold calling victims, or using a ‘pop up’ windows on your web browser, purporting to be from well-known IT companies, banks or broadband providers such as BT, TalkTalk, Halifax and Bank of Scotland.

The criminals are claiming that the victim has problems with their computers, routers, or internet connection. Criminals are using the recent disruption caused by the storms across the country to help tailor their message.

The criminal persuades the victim to download software to their computer or laptop and connect via a Remote Access Tool (RAT). This tool would allow the criminals to gain access to the victim’s computer or mobile phone. Victims are persuaded to log into their online banking to receive a refund as a form of compensation, allowing the criminals access to the victim’s bank account, and the ability to move funds out of the victim’s account.

There has also been an increase in the variety of service providers being impersonated to commit these scams.

Always remember

• Ensure you have effective and updated antivirus/antispyware software and firewall running whenever your computer or mobile device is switched on.
• Never install any software, or grant remote access to your computer, because of a cold call.
• Do not be tempted to download programs or apps that are not from a trusted source, as they could contain malware (malicious software).
• Genuine organisations would never contact you out of the blue to ask you for personal or financial details, such as your Bank card PIN or full banking password.
• Don’t contact companies promoting technical support services via web browser pop-ups.
• Hang up on any callers who claim they can get your money back for you.
• Cover your webcam when not in use.
• Regularly back up your data.

If your device has been infected or you have been a victim

• If you have made a payment, contact your bank immediately. They can help you prevent any further losses.
• Disconnect your device from the network as soon as possible in order to prevent further malicious activity.
• If you granted remote access to your computer, seek technical support to remove any unwanted software. If you need technical advice, look for reviews online first or ask friends for recommendations.
• If you think the infection has been removed change the passwords of your online accounts and check your banking activity and report anything unusual to your bank.

For more information on how you can protect yourself online, visit https://www.cyberscotland.com/cyber-aware/

If you have been a victim of crime and it is not an ongoing emergency, you can report this to Police Scotland on 101. For all emergency calls, dial 999.

Technical Bulletin

The CyberScotland Technical Intelligence Bulletin is designed to provide information about emerging or escalating cyber threats and is created in conjunction with SBRC’s Cyber Incident Response team. You can sign up receive the technical bulletin.

Read the latest bulletin here

• Cyber Security Information Sharing Partnership
• NCSC launches early warning notification service