Cybercrime

The Thames Valley Police / Cyber Protect & Prepare Team continue to offer free of charge Cyber Awareness presentations(dependent on our availability) suitable for the following audiences of 1. Organisations, Public Sector, Small to Medium Enterprises, Charities or 2. Community Groups as either an, in person or online presentation.

Cyber Coffee with Mark Godsland

Hello.

I’ve just received a notification that the UK NCSC are running a free to attend webinar for the sole / micro business sector on the 13th of June from 11:30 explaining the benefits of  passwords and 2SV (Two Step Verification)

Here is the link to register: https://ncsc-production.microsoftcrmportals.com/event/registration?id=Digital_Loft_Template2512923541

If you have any question regarding this, please make contact with the NCSC themselves and not your local Police Force, thank you.https://www.ncsc.gov.uk/section/about-this-website/contact-us

Regards, Mark

I’ve been advised of additional NCSC digital Loft webinars as indicated as below.

NCSC Small Organisations Digital Lofts

Everyone can do something to improve their cyber security, you don’t have to be from an IT or technical background. The NCSC are here to help you understand what actions you can do to improve your own and your organisations cyber security. The NCSC are running a number of 1hour webinars during June specifically aimed at small Organisations, although anyone is welcome to join. 

You can register for each of the events listed below by clicking on the titles.

11.30 on Thursday 16th June – Cyber Security for Small Organisations
How to improve your cyber security; affordable, practical advice for businesses.

1pm Wednesday 22nd June – Cyber Essentials
Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security.

You can stay up to date with the latest information and events from the NCSC through the Subscription Centre.

If you have any question regarding this, please make contact with the NCSC themselves and not your local Police Force, thank you.https://www.ncsc.gov.uk/section/about-this-website/contact-us

 Thames Valley Police: Cyber Prepare and Protect 

(Find us on Twitter: @TVPCyber_Fraud) 

Welcome to this the third Cyber Prepare and Protect Newsletter for 2022, aimed at bringing the key National Cyber Prepare and Protect guidance to the Public, Private and Charity sectors across the Thames Valley area. As always the key source for advice, guidance is the UK’s National Cyber Security Centre (NCSC) 

As previously noted in our last few newsletters, the Thames Valley Police Cyber Crime Unit, is now managed by the South East Regional Crime Unit (SEROCU) that will enable closer collaboration with our colleagues in South East Region. To see the SEROCU Cyber Protect web page: Cyber Security for Organisations – South East Regional Organised Crime Unit (serocu.police.uk) 

In this latest edition: 

Ransomware: the number one cyber threat for enterprises and SMEs 

The 2021 NCSC Annual Review declared that ransomware has now become the most significant cyber threat facing the UK, with the impact of an attack on critical national infrastructure stated in the UK National Cyber Strategy 2022 as potentially as harmful as state-sponsored espionage. 

So there’s still a huge amount of work to do to protect not just our digital economy, but also businesses and citizens who can be victims of this growing threat. 

SMEs are also at risk 

One of the areas we’re looking to develop is ransomware solutions that are specifically designed for SMEs. While incidents like the Colonial Pipeline attack made the world realise how ransomware can cause mass disruption to critical infrastructure, SMEs face just as much risk. Unfortunately, many SMEs assume that ‘higher value targets’, such as critical infrastructure and larger organisations (with hefty resources and insurance policies) are a more probable target. That’s just not true. 

SMEs have fewer resources, face budget constraints and will often lack of in-house technical skills. This makes them a desirable target. And given that SMEs represent more than 99% of all businesses in the UK, the disproportionate financial, operational and reputational impact this can have on SMEs (many of which are less able to absorb financial shocks) is deeply concerning. 

Securing remote workers 

Remote Desktop Protocol (RDP) is the single most common ransomware attack vector, so it’s also crucial that we secure remote workers. One of the biggest targets for cyber criminals are remote access systems.

See more on PDF below:-

NCSC Guidance on mitigating Ransomware. https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks 

Powered By EmbedPress

Cyber Coffee with Mark Godsland

Hello and welcome to this the second Cyber Prepare and Protect Newsletter for 2022, aimed at bringing the key National Cyber Prepare and Protect guidance to the Public, Private and Charity sectors across the Thames Valley area. As always the key source for advice, guidance is the UK’s National Cyber Security Centre (NCSC)

The COVID-19 in 2022 situation continues to be forefront in everyone’s daily life both at home and at work despite recent changes and as we have previously covered a wide range of guidance and support in the distributed content since the April 2020 Newsletter, it is our intention to continue in this vein as required during the Pandemic.

As previously noted in our last few newsletters, the Thames Valley Police Cyber Crime Unit, although still located and delivering its enforcement responsibilities in the TVP Force area, now comes under management of the South East Regional Crime Unit (SEROCU) that will enable closer collaboration with our colleagues in South East Region. To see the SEROCU Cyber Protect web page: Cyber Security for Organisations – South East Regional Organised Crime Unit (serocu.police.uk)

In this latest edition:

NCSC Guidance “Actions to take when the cyber threat is heightened”

When organisations might face a greater threat, and the steps to take to improve security.

Balancing cyber risk and defence
Factors affecting an organisation’s cyber risk

Actions and advanced to take

Full item here: https://www.ncsc.gov.uk/guidance/actions-to-take-when-the-cyber- threat-is-heightened

Hello

Today the 23rd of February 2022, the UK National Cyber Security Centre (NCSC) has partnered with the Chartered Institute of Building (CIOB) to produce this guidance to help small-to-medium sized construction businesses protect themselves from cyber-attacks.

“ Recent high profile cyber-attacks against the construction industry illustrate how businesses of all sizes are being targeted by criminals. As the industry continues to embrace and adopt new digital ways of working, it is more important than ever to understand how you might be vulnerable to cyber-attacks, and what you can do to protect your business.

This guidance is aimed at small-to-medium sized businesses working in the construction industry and the wider supply chain (including the manufacture of building supplies, surveying, and the sale of buildings).

Whilst we cannot guarantee protection against all the cyber threats you face, by implementing the steps described, you’ll be protected from most common cyber-attacks. And should the worst happen, you’ll able to quickly recover”

The full item can be found here: https://www.ncsc.gov.uk/guidance/cyber-security-for-construction-businesses

Although UK Law Enforcement have not been tasked to disseminate this out, it will be of value to your organisation or your sector related contacts, therefore please disseminate this to those in who will find of value / have responsibility.

As always if you have any questions on such guidance, please send your questions in respect of this and or indeed any other elements of their content, direct to the NCSC and not your local Force: https://www.ncsc.gov.uk/section/about-this-website/contact-us

Specific advice from the NCSC about the reporting of a “Cyber Security Incident” https://report.ncsc.gov.uk/

Regards, Mark

Mark Godsland | Mr CISMP

Police Cyber Security Advisor

 

Thames Valley Police & South East ROCU

 

 
 

https://serocu.police.uk/cyber/

Loddon Valley Police Station Lower Earley, RG6 4PS

 

Follow us on Twitter for advice and guidance how to stay safe onlinehttps://twitter.com/TVPCyber_Fraud

 

The SECRC is working with the public, private and academic sectors to provide businesses with free guidance and affordable cyber services. https://www.secrc.co.uk/

 

Have you received a phishing email recently? You can now report it to report@phishing.gov.uk

For further information see: https://www.ncsc.gov.uk/report-suspicious-emails

Report a suspicious website – NCSC.GOV.UK

Create your own Cyber Action Plan to improve your cyber security here: https://www.ncsc.gov.uk/cyberaware/actionplan

**Guide to the reporting of Fraud and Cyber Crime to Action Fraud**

https://www.actionfraud.police.uk/guide-to-reporting

Archives
Cybercrime Protection with Mark Godsland

Hello If you are not aware, organisations can subscribe direct to the NCSC to receive a variety of their advisory content and information as indicated below. Regards, Mark FacebookTweetEmailPrint

Cybercrime Protection with Mark Godsland

Today the 28th of January 2022, the UK National Cyber Security Centre(NCSC) has issued a statement on their web page, titled: “UK organisations encouraged to take action in response to current situation in and around Ukraine” In summary

Cybercrime Protection with Mark Godsland

Hello Should you not be aware the Cyber Essentials Scheme developed by the UK National Cyber Security Centre has undergone an overall of the schemes technical controls. They have said “In November 2021 the NCSC announced an overhaul of the Cyber Essentials technical controls and a change to the pricing structure. Both these changes come …

Information about cyber security for small businesses.

crop cyber spy hacking system while typing on laptop

What is Log4j? Modern software can be large, powerful, and complex. Rather than a single author writing all the code themselves as was common decades ago, modern software creation will have large teams, and that software is increasingly made out of ‘building blocks’ pulled together by the team rather than entirely written …

crop hacker typing on laptop with information on screen

The National Cyber Security Centre (NCSC) have recently announced that the Cyber Essentials are to adopt tiered pricing structure from January 2022 which will reflect an organisation’s size.  The full post by the NCSC is available here: https://www.ncsc.gov.uk/information/cyber-essentials-prices-2022 If you have any questions on this matter IASME have provided an online blog …

crop cyber spy hacking system while typing on laptop

“On Wednesday 15th December, the Government has published its new National Cyber Strategy which sets out how the UK will solidify its position as a global cyber power. This is the first major milestone following the publication of the Government’s Integrated Review earlier this year. The strategy builds on the significant progress …

crop cyber spy hacking system while typing on laptop

The National Cyber Security Centre (NCSC), a part of GCHQ, is the UK’s technical authority for cyber security. Since the NCSC was created in 2016 as part of the Government’s National Cyber Security Strategy, it has worked to make the UK the safest place to live and work online. This review of …

WhatsApp Scam

A convincing WhatsApp scam where criminals pose as a friend or family member in need has cost users almost £50,000 in three months. Mark Godsland | Mr CISMP Police Cyber Security Advisor Thames Valley Police & South East ROCU New data from Action Fraud, the national reporting centre for fraud and cyber crime, reveals …

Skip to content