CyberScotland Bulletin

March 2021

Issue: 11.03.21

The CyberScotland Bulletin is designed to provide you with information about the latest threats, scams, news and updates covering cyber security and cyber resilience topics. Due to the current circumstances we are continuing to circulate information about a much wider range of scams. We hope you continue to benefit from this resource and we ask that you circulate this information to your networks, adapting where you see fit. Please ensure you only take information from trusted sources.

If there are any cyber-related terms you do not understand, you can look them up in the NCSC Glossary

Please subscribe to our CyberScotland mailing list to receive these updates directly by email.

Section National Cyber Security Centre (NCSC)

National Cyber Security Centre (NCSC)

Cyber Aware Campaign and New Cyber Action Plan

Over the last year, some entrepreneurs have launched online-only businesses, following necessary restrictions due to the pandemic.

As part of the cross-government Cyber Aware campaign, which provides advice on how to stay secure online, the NCSC has created the Cyber Action Plan to help micro businesses and sole traders understand their online risk. Micro businesses and sole traders are being invited to complete a short questionnaire that generates a personalised list of actions linked to the Cyber Aware behaviours that will offer free bespoke advice and include steps to secure their business. You can also sign up to the NCSC’s Small Organisation Newsletter which aims to break down cyber related issues into bitesize pieces which can be read in your coffee break. 

The NCSC produces weekly threat reports drawn from recent open source reporting. View this week’s report here.

The Suspicious Email Reporting Tool was launched by the NCSC to allow members of the public to report suspicious emails. As of 28th February, the number of reports received stands at more than 5,000,000, with 71,000 individual URLs linked to 36,000 sites having been removed. Please forward any suspicious emails to: report@phishing.gov.uk. Suspicious text messages should be forwarded free of charge to 7726.

Cyberaware action plan
Section Scottish Government

Scottish Government

Strategic Framework for a Cyber Resilient Scotland

The Scottish Government have published The Strategic Framework for a Cyber Resilient Scotland which builds on Scotland’s first cyber resilience strategy.

Safe, secure and prosperous: a cyber resilience strategy for Scotland, expanding on its achievements and addresses ongoing and new challenges. The Strategic Framework for a Cyber Resilient Scotland sets out what we need to do to make Scotland a digitally secure and digitally resilient nation.

Go to Strategic Framework
Strategy
Section

CyberScotland Partnership

A new CyberScotland Partnership was announced during CyberScotland Week which includes 10 participating organisations, with the NCSC joining as a technical advisor.

This partnership will work to ensure individuals and organisations throughout Scotland can easily access correct and up to date guidance on cyber security and resilience. The group will work together to drive the delivery of activities that will help achieve the outcomes of The Strategic Framework for a Cyber Resilience Scotland. 

The collaboration’s first move was to launch CyberScotland.com which is now live. The website is a single online resource for individuals and organisations across the public, private, and third sectors seeking information and support across a range of cyber security and resilience issues. It also has information on skills development for anyone seeking to start a career in cybersecurity. 

Section

CyberScotland Week

A highly successful week of online event’s took place as part of the third annual CyberScotland Week with over 140 virtual events hosting from short, practical cyber security exercises to full day conferences.

With over 90 organisations across Scotland getting involved, the events helped to illustrate the importance of cyber security, helped raise awareness of cyber security behaviours across the public and organisations and showcased amazing career opportunities offered by the cyber security sector. Despite the challenges of hosting the festival entirely online, the week proved very popular and demonstrated the growing interest and awareness of cyber security in Scotland.

Section Trending Topics

Trending Topics

Fake Job Adverts

UK Finance and Cifas have warned that young people whose job prospects have been impacted by the pandemic are being targeted online by criminals looking to recruit “money mules” to launder the profits of their crimes.

Criminals are posting what looks like genuine job adverts, using social networking platforms or approaching young people with offers of cash rewards for little work. They promise you will earn money quickly by asking you to receive money into your bank account and then transfer it onto another account. Victims are usually rewarded with a payment for providing this service, making them a money mule. The latest research from Cifas has revealed there were 17,157 cases of suspected money muling activity involving 21-30 year olds in 2020, a five per cent increase on the previous year. 

  • Police Scotland have provided steps and advice to help you avoid becoming a victim. Money Mules – Police Scotland
  • Deterring young people from becoming money mules through the Don’t Be Fooled campaign, run jointly by UK Finance and Cifas. More advice from the campaign on how to avoid becoming involved in money mule fraud is available here. You can support the campaign by sharing this content through your channels. 
  • Don’t respond to adverts offering large sums of money for minimal effort.
  • Don’t give your bank account details to anyone unless you know and trust them.
  • Research any company that makes you a job offer and make sure their contact details (address, landline phone number, email address and website) are genuine.
Money Mule Twitter
MM_social_post_600
Section

Security Cameras

A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras.

Aside from the privacy issues, these devices can now be modified by an attacker to try to access other devices and data on a network. If any organisations are using Verkade cameras and systems, they should disable them until further updates have been provided by the vendor. 

When stories like this come out hackers often look for the same or similar devices in order to try to replicate the compromise. It’s therefore likely that over the coming days other vendors will be targeted.

A very brief look across the Scottish central belt reveals the prevalence of internet connected cameras, both commercial and domestic. 

With the continuing growth in popularity of these smart devices, the NCSC has produced security guidance for users of this technology to help ensure it is used safely.

Security Camera footage image credit Shodan
Courtesy of Shodan
  • Owners of internet connected cameras are advised to ensure that the devices are segregated from other devices and data on their network.
  • Ensure that strong/complex passwords are in use to protect and prevent unauthorised access.
  • Default accounts should be disabled or secured to avoid compromise
  • Keep your camera secure by regularly updating it and installing the latest software or firmware update.
  • ‘Smart’ security cameras: Using them safely in your home.
Section

Free Call Blocking Devices

Following an increase in the variety of phone scams being reported by Scottish consumers since the beginning of the Covid-19 pandemic, Trading Standards Scotland is launching the roll out of free call blocking devices to vulnerable individuals who are most at risk from scammers and rogue traders.

The Scottish Government has provided £60,000 in addition to £20,000 funding from Trading Standards Scotland (TSS) to procure 725 trueCall call blocking devices which are available free of charge from Monday 8th March. The dissemination of call blocking devices supports the development of the scams prevention strategy currently being developed by the Scottish Government and partners including TSS. TSS will be working with the other partners involved in the strategy throughout the dissemination process and will be reaching out to charities and other groups working with vulnerable people.

To coincide with the launch of the call blocker dissemination programme, Trading Standards Scotland have published a list of the top ten nuisance calls which have been reported by Scottish consumers since the beginning of the first lockdown in March 2020. More information about the programme and how to apply can be found at: http://www.tsscot.co.uk/call-blockers/

You can find more information to help reduce nuisance and unwanted calls and messages along with tips and advice about what to do if you receive them and who to report them to on the Ofcom website. 

Top 10 Phone scams
Section News / Campaigns

News / Campaigns

NCSC, Small Organisations Newsletter – Coffee Break Cyber

SME’s cover a huge range of businesses and make up 99% of all business in the UK.

Often SME’s do not have the budget of large organisations to spend on cyber security. This Newsletter aims to break down cyber related issues into bitesize pieces which can be read in your coffee break. The NCSC want to provide you and your business with the advice and tools to minimise the risk of a cyber-attack. Each month will cover a different topic and will offer advice and links to further information. The NCSC are open to suggestions for topics you would like covered in up-coming issues. Read this month’s newsletter here

If you think the Newsletter is useful, then please sign up using the link here.

Section

Get Safe Online

Get Safe Online’s campaign this month is focussing on ‘Vaccination Scams’.

With the UK vaccination programme in full swing, the most recent wave of scams has focused on fraudulent offers of vaccinations, attempting to persuade recipients that they can ‘jump the queue’. This month’s campaign will highlight how to avoid being a victim of such scams during this time.

The COVID-19 vaccination is free and if you are offered it at a price, it could be fake, stolen or non-existent. NHS Scotland or health boards will never ask for your payment details, passwords or PIN numbers. For more information about who will be offered the vaccine and its delivery in Scotland, call the Coronavirus vaccination helpline on 0800 030 8013. Visit NHS Scotland for the latest COVID-19 medical guidance.

GSO_Mar21_COVID_scams_post-3
Section

Trading Standards Scam Share 

Other scams to be aware of are identified in this week’s Trading Standards Scotland Scam Share newsletter. You can sign up for the weekly newsletter here. 

Neighbourhood Watch Scotland

Sign up to the Neighbourhood Watch Alert system to receive timely alerts about local crime prevention and safety issues from partners such as Police Scotland.

Section Training and Webinars

Training and Webinars

NCSC Digital Loft Events

The NCSC is the UK’s technical authority on cyber security.

Delegates will learn about the different cyber threats and impacts of cybercrime and implementing fundamental security controls. These events are aimed at UK registered businesses, charities, the voluntary sector, academic and educational institutions only and cover a range of cyber security topics. 

Section

Exercise in a Box, Scottish Business Resilience Centre (SBRC)

SBRC are encouraging organisation to sign up for one of their free ‘Exercise in a box’ online sessions.

A FREE, 90-minute non-technical workshop which will help organisations find out how resilient they are to cyber attacks and practise their response in a safe environment. These sessions will focus on one of two scenarios, either ‘working from home’ or a ‘phishing attack leading to a Ransomware infection’. Find out more information on SBRC’s website. 

Book to join an upcoming session here. Workshops are available on Zoom and Microsoft Teams platforms.

Section Case Study

Case Study

Each issue, we aim to bring you real-life examples of scams, phishing emails and redacted case studies. If you have had an issue and would like to share your experience and what you have learned with others, please contact us to discuss:  CyberFeedback@gov.scot We are happy to anonymise case studies.

Section

Case Study – The importance of reporting

We can’t overemphasise the importance of reporting to reduce the potential harm caused by cyber incidents. The sooner you report, the quicker it can be resolved and less damage it will cause. Every organisation will be different but your IT team or line manager are usually the best place to start in the workplace. 

You can help to play your part in protecting others by reporting suspicious activity online and help make the internet a safer place. Reporting online crime however insignificant it may seem, can help to reduce the chances of others becoming victims. Reporting incidents could help the police and other law enforcement agencies to link your experience to similar reported incidents – building a picture of threats and trends and helping allocate resources to fight them more effectively. 

 The NCSC’s Suspicious Email Reporting Service was launched last April as part of the Cyber Aware campaign, which promotes protective behaviours to keep your online accounts and your devices as secure as possible. The service has seen a massive response from the public with over 5,000,000 reports submitted which has led to the removal of more than 36,000 scams. To use the reporting service, people are asked to simply forward suspect emails to report@phishing.gov.uk. If they are found to link to malicious content, it will be taken down or blocked, helping prevent future victims of crime. 

In June 2020, the Advertising Standard Authority (ASA) launched a Scam Ad Alert system in partnership with major online ad and social media platforms, including Google and Facebook, to help tackle scam ads online. They launched the system because, while the overwhelming majority of ads responsibly inform and entertain their audience, some are published with criminal intent. Scam ads lead unsuspecting consumers to sites which fleece and leave them out of pocket. Consumers have been reporting scam ads appearing in paid-for spaces online to the AVA via this online form. They have dedicated resources to assess these reports within 24 hours, enabling them to quickly and effectively alert platforms to scam ads so that they can promptly remove them, suspend the advertisers’ accounts and stop similar ads appearing in future. ASA have produced a 6 month review highlight key stats and trends since the launch of this tool. Reporting scam ads helps to keep everyone safe online, so if you are concerned about a potentially bogus ad you see in paid-for space online, please report it using this form.

Cyberattacks are crimes and as such consideration should be given to reporting the attacks to Police Scotland. If you become a victim of fraud or cybercrime you can report this to Police Scotland by calling 101 or in person at any Police station. 

Section Technical Annex

Technical Annex

Technical Bulletin

The CyberScotland Technical Intelligence Bulletin is now available to read here. This bulletin is designed to provide information about emerging or escalating cyber threats, and is created in conjunction with SBRC’s Cyber Incident Response. You can sign up receive the technical bulletin directly here.

Section

CISP

CiSP: The Cyber Security Information Sharing Partnership (CiSP) is a joint industry and government initiative set up to allow UK organisations to share cyber threat information in a secure and confidential environment.

It is a secure networking platform that enables its members to receive enriched cyber threat and vulnerability information and exchange information on threats and vulnerabilities as they occur in real time. CiSP is for professionals who have an obligation for cyber security within their organisation. Those individuals must work for a UK registered organisation or UK Government.

APPLICATION PROCESS 

The first applicant from a new organisation wishing to join the CiSP will require to be sponsored into this trust environment. Application is made online by visiting the NCSC website at  https://www.ncsc.gov.uk/section/keep-up-to-date/cisp 

A simple online form is completed which will ask for the sponsor’s details to be included. A check will be made with the sponsor that the organisation is known and meets the joining criteria. Thereafter all other members of the organisation can make applications by selecting the ‘Register as an Individual option which does not require sponsorship.

Please email cyberresilience@gov.scot to enquire about an organisational sponsor or for an overview of CiSP and SCiNET. 

Section

NCSC Early Warning Service

The NCSC provides a free service to organisations to inform them of threats against their networks.

The NCSC’s Early Warning service processes a number of UK-focused threat intelligence feeds from trusted public, commercial and closed sources, which includes several privileged feeds not available elsewhere.

By providing details of the assets your organisation owns, Early Warning will deliver feeds of the following types of threat information:

  • Incident Notifications – Activity that suggests an active compromise of your system. Example: Your IP address has been involved in a DDOS attack.
  • Network Abuse Events – Indicators that your assets have been associated with malicious activity. Example: A client on your network is a part of a Botnet.
  • Vulnerability Alerts – Indications of vulnerable services running on your assets. Example: You have a vulnerable port open.

Early Warning complements your existing threat intelligence products, and should not be used in isolation. For more details and to register visit Early Warning – Overview (ncsc.gov.uk)

Scottish Government
Police Scotland
Cyber and Fraud Centre – Scotland
Scottish Council for Voluntary Organisations
Back to top of the page