Global cyber agencies warn of phishing threat following worldwide IT outage - Yubico comments
July 2024 by Yubico
Following Friday’s global IT outage, which saw airlines, media, banks, hospitals and many other enterprises affected, international cyber defence organisations have issued warnings concerning the likelihood of malicious activity by cyber criminals.
Cyber agencies in the UK, USA, and Australia all issued statements over the weekend regarding increased phishing activity linked to the incident, reminding people of the need for vigilance as they receive fake emails and calls promising to resolve the issues caused by the event. In fact, the UK’s National Cyber Security Centre (NCSC) noted that it had already observed an increase in phishing* relating to the outage.
In the wake of the worldwide IT outage, Niall McConachie, regional director (UK & Ireland) at Yubico, comments on how bad actors take advantage of events like this, and explains how organisations and individuals can ensure they’re protected against subsequent phishing attacks:
"Cyber criminals often capitalise on events when a lot of confusion and panic is prevalent, such as Friday’s global IT outage. In the hours and days following the incident, bad actors have been tweaking their existing attack methods to take advantage of the situation. For instance, hackers have already adjusted their phishing campaigns to offer information about the outage, promising to help those impacted – providing cyber criminals with a way of hacking individuals and organisations.
"The spike in phishing activity associated with the incident highlights the urgent need for better cybersecurity training for employees and customers alike so that both know how to spot and report phishing attacks to keep both themselves and the business secure. Most employees do not receive frequent cyber security training**, which leaves them and their organisations vulnerable. To establish an effective cybersecurity awareness training programme, organisations must ensure this is properly resourced – as opposed to treating it like a collateral duty – in addition to frequently updating the training with the latest information on methodologies being used by hackers. This will reduce the vulnerability of employees facing increasingly sophisticated phishing attacks and, in turn, make services safer for customers to use – keeping the sensitive data of the business and customers secure.
"In conjunction with regular and up-to-date security training, organisations should consider implementing phishing-resistant authentication solutions. Basic username and password and weak multi-factor authentication (MFA) methods alone are far too easy for attackers to circumvent, allowing unauthorised access to online accounts and personal data. Instead, phishing-resistant MFA, such as passkeys like physical security keys, is more secure, user-friendly and can be used for both personal and professional data security. This is because it requires something you know (a PIN), something you have (the security key), and something you are (a physical touch of the key when prompted to gain access). These tools are especially important as cyber attacks relating to the global IT outage are unlikely to be limited to companies, but will also directly target customers and employees too."
—
* https://www.ncsc.gov.uk/news/major-it-outage
** https://www.yubico.com/resource/state-of-global-enterprise-authentication-survey-uk/