Monday, 24 March 2025

UK Cybersecurity Weekly News Roundup - 23 March 2025

Welcome to this week's edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond.

NHS Scotland Confirms Cyberattack Disruption

On 20 March 2025, NHS Scotland reported a major cyber incident that caused network outages across multiple health boards. The cyberattack disrupted clinical systems and led to delayed patient care, with staff reverting to paper-based processes. The incident has been linked to a suspected ransomware group, although official attribution is still pending. Investigations are ongoing with support from the National Cyber Security Centre (NCSC).

Further coverage from The Register confirmed that some systems were taken offline to prevent further spread, while emergency care remained operational. The affected regions included NHS Dumfries and Galloway, which issued a statement urging patients to only attend if absolutely necessary.

NCSC Weekly Threat Report – 22 March 2025

The NCSC's latest threat report highlights ongoing exploitation of known vulnerabilities in Progress Telerik UI by state-aligned threat actors. The report urges UK organisations to patch vulnerable systems immediately, as attackers continue to target unpatched web servers.

Additionally, the NCSC notes an increase in malicious QR code campaigns—so-called "quishing"—where attackers embed phishing URLs into QR codes used in emails, posters, or even receipts. Organisations are advised to educate staff and implement QR code scanning policies.

Cyber Threats on the Rise as UK Eyes General Election

As the UK gears up for a general election later this year, the NCSC has raised concerns over potential interference campaigns and disinformation efforts by hostile states. Security services are reportedly on high alert, coordinating with political parties to bolster cyber resilience. While no major incidents have been reported yet, the threat landscape is being closely monitored.

Quick Bytes

  • New phishing campaign mimics HMRC emails demanding urgent tax repayment. Be vigilant and double-check all official correspondence.
  • UK universities warned of increased targeting by espionage-motivated groups, particularly in the fields of AI and quantum computing.
  • ICO fines a London-based telemarketing firm £130,000 for unlawful data use and non-compliance with GDPR.

That’s all for this week! Stay tuned for more updates, and follow best practices to keep your systems secure.


Sunday, 16 March 2025

UK Cybersecurity Weekly News Roundup - 16 March 2025

Welcome to this week's edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond.

UK Government's Stance on Encryption Raises Global Concerns

The UK government has ordered Apple to provide backdoor access to iCloud users' encrypted backups under the Investigatory Powers Act of 2016. This secret order applies not just to UK users but potentially to Apple users worldwide. In response, Apple has removed its Advanced Data Protection feature in the UK, expressing disappointment. This move has significant implications, raising concerns about global user privacy and security. Experts argue that creating backdoors compromises overall security, potentially allowing malicious entities to gain access. Apple's compliance or resistance will set a precedent for other governments seeking similar access.

Sellafield Nuclear Site Improves Physical Security Amid Cybersecurity Concerns

Sellafield, the world's largest plutonium store, has been taken out of special measures for physical security by the UK's nuclear industry regulator, the Office for Nuclear Regulation (ONR). This decision follows significant improvements in guarding arrangements, allowing routine inspections instead of enhanced regulatory oversight. However, concerns regarding its cybersecurity remain. Last year, Sellafield was fined almost £400,000 for cybersecurity failings, allegedly involving hacking groups linked to Russia and China. While there was no conclusive evidence of a successful cyber-attack, cybersecurity remains a critical concern.

UK Businesses Face Significant Financial Impact from Cyberattacks

In the past five years, cyberattacks have cost British businesses approximately £44 billion ($55.08 billion) in lost revenue, with 52% of private sector companies experiencing at least one attack during that period, according to insurance broker Howden. On average, these attacks cost companies 1.9% of their annual revenue. Larger companies, with over £100 million in annual revenue, are more likely to be targeted. Despite the significant risk, only 61% of businesses employ anti-virus software, and only 55% use network firewalls, due to cost and lack of internal IT resources.

Global Sanctions Target Russian Cybercrime Network

The United States, United Kingdom, and Australia have jointly sanctioned Zservers, a Russian bulletproof web-hosting service provider, and two Russian operators linked to it for supporting the LockBit ransomware syndicate. The U.S. Treasury Department's Office of Foreign Assets Control, along with its U.K. and Australian counterparts, targeted Zservers for facilitating LockBit attacks by providing specialized servers resistant to law enforcement actions. Lock

Sunday, 9 March 2025

UK Cybersecurity Weekly News Roundup – 9 March 2025

Welcome to this week's edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond.

Microsoft Engineer's Transition to Cybersecurity

Ankit Masrani, a 36-year-old software engineer, successfully transitioned into a cybersecurity role at Microsoft. With a background in IT and a Master's degree in computer science, Masrani secured an internship and later a full-time position at AWS, focusing on data and network security. He now serves as a principal software engineer on Microsoft's Security Platform team, emphasizing the importance of skills in big data technologies, machine learning, cloud services, and comprehensive security knowledge for such career pivots.

StubHub Breach: Taylor Swift Tickets Stolen

Cybercriminals exploited a backdoor in StubHub's system, stealing nearly 1,000 tickets, primarily for Taylor Swift's Eras Tour, resulting in over $600,000 in profits. The breach highlights vulnerabilities in ticketing platforms and the need for robust cybersecurity measures to protect consumer interests.

UK's Cyber Security and Resilience Bill Introduced

The UK government has introduced the Cyber Security and Resilience Bill, aiming to update existing regulations and strengthen the nation's cyber defenses. The legislation seeks to expand regulatory oversight, enforce stringent cybersecurity measures across various sectors, and introduce mandatory compliance with established standards to protect critical infrastructure and the digital economy.

British Library Cyberattack: A Wake-Up Call

In October 2023, the British Library suffered a significant ransomware attack by the Rhysida group, leading to the theft of approximately 600GB of data. The attack disrupted services, delayed payments to authors, and highlighted vulnerabilities in cultural institutions. Recovery efforts are ongoing, emphasizing the need for robust cybersecurity measures in public sector organizations.

Global Impact: US Charges Chinese Hackers

The US Department of Justice has charged 12 Chinese nationals, including hackers and government officials, for their roles in extensive cybercrime campaigns targeting dissidents, news organizations, U.S. agencies, and universities. This action underscores the growing concerns over state-sponsored cyber espionage and the need for international cooperation in cybersecurity.

Protecting Your Devices: Recent TV Box Malware Attack

TV owners are urged to perform essential security checks following a cyber attack affecting 1.6 million Android TV devices. Hackers infiltrated home networks through TVs, stealing data and using devices to mine cryptocurrencies, leading to increased energy bills. Users should update devices, uninstall unused apps, install anti-malware software, and avoid third-party vendors to safeguard against such threats.

Stay informed and vigilant to protect your digital assets in this evolving cybersecurity landscape.

Monday, 3 March 2025

UK Cybersecurity Weekly News Roundup – 2 March 2025

UK Government's Encryption Demands Lead to Apple's Data Protection Withdrawal

The UK government has mandated that Apple provide access to encrypted iCloud backups under the Investigatory Powers Act of 2016. In response, Apple has withdrawn its "Advanced Data Protection" feature for UK users, citing concerns over user privacy and security. This move has sparked a global debate on the balance between national security and individual privacy rights.

International Sanctions Target Russian Cybercrime Network

The United States, United Kingdom, and Australia have jointly imposed sanctions on Russian web-hosting provider Zservers and two Russian nationals for supporting the ransomware group LockBit. This group has been linked to numerous high-profile cyberattacks, including those on Boeing and the UK's National Health Service, extorting over $120 million since 2019.

Sellafield Nuclear Site Improves Physical Security Amid Cybersecurity Concerns

The UK's Office for Nuclear Regulation has acknowledged significant improvements in physical security at the Sellafield nuclear site, leading to its removal from special measures. However, ongoing cybersecurity challenges persist, highlighting the need for continued vigilance in protecting critical infrastructure.

Google Expands AI Initiatives in Poland to Enhance Energy and Cybersecurity

Google has signed a memorandum with Poland to develop artificial intelligence applications in the energy and cybersecurity sectors. This initiative aims to bolster Poland's technological infrastructure and reduce reliance on external energy sources, amidst increasing cyber threats.

US Department of Homeland Security Overhauls Cybersecurity Personnel

The Department of Homeland Security is set to terminate 12 employees from the Cybersecurity and Infrastructure Security Agency involved in monitoring misinformation. Additionally, all election security activities are temporarily paused to assess implications on free speech, reflecting ongoing debates about the role of federal agencies in regulating information.

AI Safety Policies Shift Focus Towards Security

Recent policy changes in the US and UK are reframing AI safety as a security-focused issue, potentially sidelining ethical considerations such as bias and content accuracy. This shift has raised concerns among experts about the comprehensive governance of AI technologies.

Polish Space Agency Suffers Cyberattack

The Polish Space Agency (POLSA) detected unauthorized access to its IT infrastructure, prompting immediate security measures. Investigations are underway to identify the perpetrators, amid ongoing concerns about cyber threats targeting national agencies.

Australian IVF Clinic Hacked, Exposing Sensitive Patient Data

Genea, an Australian IVF clinic, suffered a ransomware attack by the group Termite, compromising nearly a terabyte of sensitive patient data. The breach has raised significant concerns about data security in healthcare institutions.

US Treasury Department Breached by Chinese Hackers

The US Treasury Department disclosed a significant cybersecurity breach attributed to Chinese state-sponsored actors. The attackers accessed unclassified documents, highlighting vulnerabilities in federal cybersecurity defenses.

UK's War on Encryption Affects Global User Privacy

The UK's demand for access to encrypted iCloud data under the Investigatory Powers Act has led to Apple's withdrawal of its Advanced Data Protection feature for UK users. This move has significant implications for global user privacy and sets a concerning precedent for government overreach into personal data.

Monday, 24 February 2025

UK Cybersecurity Weekly News Roundup – 24 February 2025

Welcome to this week's edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond.

Home Office Contractor's Data Collection Sparks Privacy Concerns

The Home Office faces scrutiny after revelations that its contractor, Equifax, collected data on British citizens while conducting financial checks on migrants applying for fee waivers. A report mistakenly sent to the Refugee and Migrant Forum of Essex and London (Ramfel) contained information on 260 individuals dating back to 1986, raising significant privacy issues. The Home Office has ceased using Equifax for visa fee waiver processing pending an investigation into the potential data breach.

Apple Withdraws Advanced Data Protection in the UK Amid Government Dispute

Apple has removed its Advanced Data Protection (ADP) feature for UK users following a dispute with the British government. The government demanded access to encrypted material on Apple's iCloud under new evidence-collection powers. Apple, opposing the creation of a "back door" to its encryption service, opted to discontinue ADP in the UK. This decision highlights ongoing tensions between tech companies and governments over privacy and security regulations.

Sellafield Nuclear Site Improves Physical Security but Cyber Concerns Persist

The UK's Office for Nuclear Regulation (ONR) has removed Sellafield nuclear site from special measures concerning physical security, citing significant improvements. However, concerns over cybersecurity remain. Sellafield has been under scrutiny due to previous safety issues and cybersecurity deficiencies. Collaborative efforts are ongoing to address these challenges as the site continues to manage the nation's nuclear waste.

UK Government Introduces AI Cybersecurity Standards

The UK government has unveiled a new Code of Practice aimed at protecting AI systems from cyber-attacks. This initiative seeks to provide businesses and public services with guidelines to secure AI technologies, thereby safeguarding the digital economy. The voluntary code is expected to form the basis of a global standard for AI security, reinforcing the UK's position as a leader in safe technological innovation.

Cyberattacks Cost UK Businesses Over £40 Billion in Five Years

Recent findings reveal that cyberattacks have cost British businesses approximately £40 billion in lost revenue over the past five years. More than half of private sector companies have experienced at least one attack, with compromised emails and data theft being the most common threats. Despite the increasing risks, many businesses lack adequate cybersecurity measures, often due to high costs and limited IT resources.

Stay tuned for more updates and insights in our next weekly roundup.