There has been a lot of talk about cyber weapons and the cyber dimension of global politics after the NotPetya and WannaCry attacks of 2017 and the Stuxnet worm, first discovered in 2010, when it was used to attack the control mechanisms of Iran’s uranium enriching centrifuges.

Professor Ciaran Martin CB, former CEO of the UK National Cyber Security Centre (NCSC), said, there are increasingly realistic scenarios “which cause the US and UK Governments to rightly warn organisations to be on heightened alert. However, these warnings are correctly not phrased in panic mode. UK says explicitly that there is no specific threat.”  What is good is that both governments are proactively engaged with organisations to help them enhance their cyber resilience.

Companies all over the world were caught in the NotPetya attack, causing huge commercial losses.  In the article “The Untold Story of NotPetya, how a single piece of code crashed the world”, Wired.com described the NotPetya attack as, “the most devastating cyberattack in history”.

A recent warning by the leading global cybersecurity governmental organisations has named new malware “Cyclops Blink”, citing it as an emerging threat of note. The National Cyber Security Centre (NCSC) describes Cyclops Blink as a “highly sophisticated piece of malware” that has been “professionally developed”.  It is clear the threat of malware, and particularly, sophisticated malware, remains.

Improving Cyber Resilience with NCSC

The NCSC takes a lead in helping organisations become more resilient at all times, but with the heightened potential for cyber incidents they have issued guidance for organisations to improve their cyber resilience.  That guidance is valid for all scenarios, and starts by saying, “The threat an organisation faces may vary over time. At any point, there is a need to strike a balance between the current (Read more...)