The first quarter has been the worst on record for cyber- attacks. UK businesses reported more than one attack per minute on average, a 30% increase on Q1/19. This rate is thought to be similar across Europe. Easy Jet was hacked, exposing the details of 9 million customers, including credit card details in some cases. It now faces GDPR fines and a £8 billion class action lawsuit. Disturbingly, data harvested in the January Travelex cyber-attack is now being used in ransomware attacks: a large US media and entertainment law firm, with data on clients such as Madonna and Lady Gaga, was attacked although ransom details have not been released. The biggest increase in cyber-attacks has been against individuals, following the wide introduction of cyber virus-tracking schemes and an explosion in medical data-sharing. McAfee reports Cloud cyber-attacks have increased seven-fold during current pandemic. UK NCSC reports sharp rise in organisations crucial to COVID-19 issues, and the Red Cross plus 48 other international health organisation leaders have urged governments to work together to defeat cyber-attacks. UK’s contact-tracing app has many security flaws, and the government has not addressed how to protect this data, which it will hold for 20 years. Cyber attackers target individual with a text telling them they ‘have had COVID- 19 contact’, and asking them to click for details, enabling fishing or malware insertion. GDPR is ‘inadequate’ to protect against COVID-19 data risks (UK Govt), while Germany predicts that GDPR could collapse unless properly implemented. Despite high-profile breaches, Ireland has not imposed a single fine, whereas both German and French authorities have fined Google and Facebook respectively. Windows 10 update is causing major operating issues, and MS warns users not to install. A third of businesses plan to increase spending on IT and cybersecurity, despite pandemic.
Written By David Palmer OBE