
Gavin Wood, CTO at Chess, reviews the top five cyber security news stories from the last month and advises how to protect your data. He covers:

 


Once again, we are reviewing the aftermath of a series of cyber attacks that have made it to the headlines:

What do they have in common?

Except for the UK government's advice, what do these attacks have in common? Ransomware – the gift for the cybercriminal that keeps on giving.

All of the organisations in these articles have been subject to ransomware attacks that have crippled their infrastructure, resulting in operations grinding to a halt, financial loss, and, in the case of SEPA, directly losing £2 million in fees.

Across these articles, two types of ransomware are mentioned:

  • Conti Ransomware appears to be the cause of the disruption for KP Snacks and SEPA
  • Blackcat Ransomware and Conti Ransomware are associated with the disruption to the European oil & fuel suppliers

Details on the Conti Ransomware can be found here

Details on the Blackcat Ransomware can be found here

How this ransomware was triggered across these articles is currently not documented. However, the BBC have stated that the attack affecting SEPA was probably through a malicious email and involved human error.


 


How does ransomware work?

Ransomware typically enters a company network via two routes.

Phishing emails with a ransomware payload are sent to end-users to trick someone into opening an attachment that will trigger the attack.

Once active, the ransomware will move through the network, encrypting files, folders, etc. on as many devices as it can access. Depending on how advanced the ransomware is, it may move laterally across devices until it can go no further or until there are no more devices, files, folders or accessible data to encrypt.

The other method, now being more widely adopted by cybercriminals, is targeted hacking, as it has potentially bigger payouts. Criminal organisations (state-sponsored or not) actively target a business. During this attack, malicious agents will attempt to gain access to a company's network through phishing, exposed vulnerabilities in a company's infrastructure, or human error.

Once inside, the goal will be to gather as much information about the network as possible, get as many administrative privileges as possible, switch off active countermeasures, such as backup routines that would allow for the easy restoration of data, and plant a ransomware payload.

The process may take days, weeks or months. They aim to do all of this undetected, so a slow, methodical approach works best, as it is less likely to trigger alarms or alert sysadmins to their activity. When the time is right, the ransomware is triggered. Since they have already compromised the systems, damage can be catastrophic, and recovery could be impossible if they have done their job properly!
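
As a defender's illustration of the staging described above (administrative privileges gained and backup routines switched off long before the payload is triggered), the following added example, which is not from the original article, correlates those two actions per account over a long lookback window. The log format, account names, action names and the 30-day window are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events; the format (timestamp account action target)
# and every name in it are assumptions, not any real product's log.
SAMPLE_LOG = """\
2022-01-03T02:11:00 jsmith admin_group_add DOMAIN-ADMINS
2022-01-05T09:30:00 backupsvc backup_job_run nightly-fs01
2022-01-19T03:42:00 jsmith backup_job_disabled nightly-fs01
2022-01-19T03:44:00 jsmith backup_job_disabled nightly-db02
2022-01-20T10:00:00 itadmin admin_group_add HELPDESK-ADMINS
2022-03-15T08:00:00 itadmin backup_job_disabled nightly-test
not a valid line
"""

STAGING_ACTIONS = {"admin_group_add", "backup_job_disabled"}
LOOKBACK = timedelta(days=30)  # assumed; wide because staging is slow


def parse(log):
    """Yield (timestamp, account, action, target), skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2], parts[3]
        except ValueError:
            continue  # unparseable timestamp


def find_staging(log, lookback=LOOKBACK):
    """Map each account that both gained admin rights and disabled backups
    within `lookback` to the sorted list of backup jobs it disabled."""
    history, alerts = {}, {}
    for ts, account, action, target in sorted(parse(log)):
        if action not in STAGING_ACTIONS:
            continue
        # Keep only this account's events still inside the window.
        events = [e for e in history.get(account, []) if ts - e[0] <= lookback]
        events.append((ts, action, target))
        history[account] = events
        if {e[1] for e in events} == STAGING_ACTIONS:
            alerts[account] = sorted(
                e[2] for e in events if e[1] == "backup_job_disabled")
    return alerts


if __name__ == "__main__":
    for account, jobs in find_staging(SAMPLE_LOG).items():
        print(f"ALERT {account}: admin rights + backups disabled: {jobs}")
```

In the constructed log only `jsmith` is flagged: `itadmin` performs both actions too, but 54 days apart, which falls outside the assumed window.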

 


 

Should you be worried?

Well, the final article refers to the UK Government's cyber security section, the National Cyber Security Centre (NCSC), and says we should be bolstering our defences if the situation in Ukraine escalates. It has already documented attacks against Ukraine from Russia that go back as far as 2015, and probably further, which spill out and are used against the UK.

While I would say that the UK's defences should already be well-bolstered, any organisation can be the subject of a ransomware attack. A spray-and-pray automated attack could hit your business at any time. These are automated and not targeted. The cybercriminal takes a shotgun approach, so with enough ransomware out there, they will get some return. If they affect your business, it could be severely disrupted, and that return could come from you.

A targeted attack is much more brutal and harder to defend against. When you are being actively targeted, the cybercriminals are invested in attacking your business. However, the goal is the same - trigger the ransomware, collect the reward.




What can you do?

You will never be 100% cyber safe, but as I have already said in previous articles, you can take steps to mitigate any attacks and limit the damage. These include:

  • Educate your people: Ensure they can identify cyber-attacks, know what to avoid, learn best practices, and know what to do if they think there is an issue.
  • Have a plan: You need an incident response plan - how you will deal with the attack, limit any damage, and recover.

 

Please reach out if you want to talk about protecting your data from ransomware attacks. Book your free 30-minute security consultation with one of our penetration testers. Get agnostic advice from industry experts on how to secure your business.

 


Gavin Wood

Gavin Wood is the Chief Technology Officer at Chess. With over 20 years in the IT industry, Gavin has a track record of driving successful business transformation through technology. An avid yachtsman, he's a massive advocate for remote working and anywhere operations. 

