Cyber security experts have long predicted that thousands of vulnerable Internet of Things (IoT) devices, such as internet-connected CCTV systems, would be hacked en masse and directed to perform huge DDoS attacks. That's exactly what happened on 21st October, when 152,000 IoT devices infected with malware were remotely controlled by hackers and used to orchestrate a 1Tb DDoS attack, the largest in history. A tsunami of network traffic was directed at a company called Dyn, a major domain name registrar, and it impacted their clients' web services, including Twitter, Yammer, PayPal, Starbucks, The Guardian, PlayStation, Wix, CNN, Spotify, GitHub, Weebly and Reddit.
IoT developers may want to read up on my IoT guidance on the IBM developerWorks website: "Combating IoT cyber threats" and "Top security best practices for IoT applications".
The UK National Cyber Security Centre HQ went operational. It is part of the UK government's five-year £1.9 billion cyber defence strategy, a much-needed investment to help safeguard the UK's digital economy from cyber attacks during these uncertain economic times for the country.
Ransomware continues to cause problems, especially within the NHS, but on the flip side the https://www.nomoreransom.org/ website continues to be supported, with the site providing excellent advice to both home users and businesses. I have even added a separate Ransomware Help section on my own website - https://itsecurityexpert.co.uk/en/securityhelp/ransomware-help
A couple of surveys show UK businesses are still struggling to understand what they need to do in order to comply with the strict new General Data Protection Regulation (GDPR), which comes into force in May 2018 despite Brexit. I plan to do a blog post providing business help with the GDPR in the coming weeks.
News
World's Biggest DDoS attack blows away Dyn, impacting Twitter, Yammer, and others
UK National Cyber Security Centre HQ Operational
NHS Attacked by Ransomware 'Dozens' of Times
'Hackable' Apple watches banned from UK Government Cabinet meetings
Hackers steal 43 million credentials from Weebly
In wake of Massive Data Breach, Verizon reassessing price for Yahoo Acquisition
Student discovers security flaw in Virgin Media Recruitment System
MasterCard plans to authenticate transactions using Selfies
European Ransomware initiative gains 13 new Member Countries
Over £1 Billion Lost by UK businesses to Online Crime in the Last Year
UK Banks not Reporting Cyber-Attacks
Hackers hiding Stolen Credit Card Details in Images
Forged Rail Tickets sold on 'Dark Web', BBC investigation reveals
Microsoft bundles Security Updates - no more pick and choose
Microsoft release 7 Critical Patches for Windows, Edge, IE, Office & Flash Player
Throw your Backdoored D-Link DWR-932B Router in the bin, urges Security Researcher
Awareness, Education and Intelligence
BAE releases online Cyber-Risk Tool Assessor
Top Five Email Phishing Attack Lures Revealed and How to Prevent Them
Reports
EU GDPR - Nine out of Ten Don't Understand it
Thales Survey: 84% of Brits reconsider Brands affected by Data Breaches
PCI SSC: The UK Business CyberSecurity Threat
Mobile is the New Playground for Thieves: How to Protect against Mobile Malware
73% of organisations across the globe have suffered a DDoS attack – Neustar Study
82% of Global and IT business Pros are concerned about GDPR compliance
Network Security Playbook Guide