SES Blog

What are phishing scams? In this article, Adam Boland of SES explores the various types of phishing attacks and the steps you can take to defend against them.

As we get closer to the third anniversary of the introduction of GDPR legislation we have witnessed the number and severity of fines for breach of GDPR steadily increase. 

Each year, the headlines in the media about cyber-attacks don’t change much, with ‘cyber-attacks are on the rise’ and ‘cyber-attacks are getting more sophisticated’ being just two we see most often.

Last week the following article came across my desk. sharing the news that Amey PLC – the British giant providing infrastructure support services to both regulated and public sectors including Trafford councils bin collections has suffered a major cyber attack. It was reported that 143GB of sensitive personal, financial and commercial details have been leaked, with the attackers demanding a $2bn ransom.

Since news broke last month about the Solar Winds supply chain attack, a number of our concerned clients have sought advice on how to best remediate the impact of the software compromise. So, what exactly happened in this attack and what should we do about it?

Cyber Security is becoming a major issue for organisations across the globe and according to a recent report by Positive Technologies, many businesses are still not implementing necessary basic security controls.

We are overwhelmed by stories of organisations falling victim to cyber threats but a recent report released by ForgeRock, the ForgeRock Consumer Identity Breach Report puts the overall scale of the situation into perspective, summarising that 5 billion records were exposed by breaches in 2019 alone.

Worrying figures release recently in the fourth annual Hiscox Cyber Readiness Report state that one in six businesses are still opting to pay ransoms demanded by malicious individuals when falling victim to ransomware attacks.

Barely a week goes by without news of another cyber incident making the headlines and the stakes have never been greater for businesses. Data theft has become commonplace, the scale of ransomware demands has risen steeply and the environment businesses are operating in has become more hostile than ever.

Recently we published an article summarising some of the findings from Proofpoint’s 2020 “State of the Phish” report. That article focused on the rise in phishing threats over the last 12 months. However, this week we will be focusing on another concerning finding from the report – a lack of understanding when it comes to common phishing and ransomware threats.

Security threats are increasing year on year and 2019 was no different. Organisations across the world were constantly targeted by scams and vast quantities of data was breached by malicious actors. 

We are now almost two years on from the introduction of GDPR. During the first year of enforcement, the Information Commissioners Office (ICO) were quite lenient in their enforcement of the regulation, giving businesses the extra time they needed to adapt to the tightening regulations.