Caught in a cyber storm: Why is the UK experiencing a surge in attacks?

A series of high-profile attacks in the UK targeting Dell, Santander, Ticketmaster and a number of major hospitals in London has highlighted the need for all companies to invest in Cyber Security training for their staff Abbey Wright reports.

Guy’s, St Thomas’s and Kings College hospitals declared critical incidents following a ransomware attack associated with pathology services delivered by Synnovis, that resulted in the cancellation of operations and the redirection of emergency patients.

This incident had a substantial impact on service delivery, particularly affecting blood transfusions and test result processing. The NHS is working with the National Cyber Security Centre to evaluate the extent of the impact.

In May, Dell experienced a cyber-attack from a hacker who claimed to have stolen information on 49 million customers who made purchases between 2017 and 2024. The hacker brute-forced a company portal and exploited it for nearly three weeks. Dell has informed customers that the stolen data includes –
• names,
• physical addresses,
• Dell hardware details, and
• Order information such as service tags, item descriptions, order dates, and warranty details.

Scammers could use this type of data to impersonate Dell representatives, tricking customers into clicking malicious links and potentially leading to credential theft.

A group called ShinyHunters, is thought to be behind cyber attacks on both Santander and Ticketmaster. The group claims to have stolen data from Santander including –
• Bank details of 30 million people
• 6 million account numbers and balances
• 28 million credit card numbers
• HR information for staff.

Santander has confirmed that certain information relating to customers of Santander Chile, Spain, and Uruguay, as well as all current and some former Santander employees, had been accessed.No transactional data or credentials was contained in the database.

Live Nation, the owner of Ticketmaster, has confirmed “unauthorised activity” on its database which is thought to have led to personal details of 560 million customers being compromised. The hackers have demanded a $500,000 (£400,000) ransom payment to prevent the data from being sold to other parties.

It is believed that these hacks are interconnected, and there is a possibility that many others could become public.

Why could this be happening?

Managing Director Tony Wilson said: “While there are many technical controls security teams can implement to prevent successful attacks, the move to home working has meant the attack surface has grown and these controls cannot be solely relied upon. Users are not adapting quickly enough to malicious emails pretending to be from colleagues that direct them to websites to steal credentials.
“A lack of Multi Factor Authentication (MFA), weak credentials, unpatched software and unexpected services open to the internet, are the common attack vectors we hear about leading to most breaches.
“As remote working becomes the default, companies must ensure their workforce is trained in basic cyber hygiene including updating their computers, choosing strong passwords, spotting attacks and reporting any anomalies quickly. Users can be a companies strongest asset when thwarting attacks.”

How could you prevent this from happening to your organisation?

As a business within the cyber-security sector, we prioritize regular training sessions for our employees to enhance their awareness of cybersecurity. We understand the importance of keeping this topic at the forefront of everyone’s minds.
Our next online training course on June 25th can be booked on our website here