NCSC Come Off Bench To Help Manchester United

The British National Cyber Security Centre (NCSC) is assisting Manchester United with its recovery after a cyber attack, which has meant the football club has been unable to fully restore its computer systems. The NCSC has been advising United, with the club working to ensure the network is secure before switching it back on. In the meantime email is unavailable to staff along with some other operations.

 The Premier League club confirmed the hacking on November 20 and said it was not “aware of any breach of personal data associated with our fans and customers”, however,according to some newspaper reports Manchester United’s network has been affected by ransomware.

It said in a statement: “The club has taken swift actions to contain the attack and is currently working with expert advisors to investigate the incident and minimise the ongoing IT disruption... The club has extensive protocols and procedures in place for such an event and had rehearsed for this risk. Our cyber defences identified the attack and shut down affected systems to contain the damage and protect data.”

The club’s media channels, including its website and mobile app, were not affected, and nor is it currently aware of any breach of fan data it may hold although club staff still do not have access to email and some other functions are still not available.

Manchester United has said it would not comment on who was responsible for this attack or their motives."This attack was by nature disruptive, but we are not currently aware of any fan data being compromised. Critical systems required for matches to take place at the Old Trafford stadium remained secure and games have gone ahead as normal.”

Last week, United informed the Information Commissioner’s Office, as legally required, although they could yet face a fine from the data regulator if fan data is compromised as a result of the attack. On November 13, Ticketmaster was issued a £1.25 million fine for failing to keep its customers’ personal data secure in a 2018 attack.

The NCSC’s annual review showed the organisation defended the UK from more than 700 cyber-attacks over the last year. It noted a rise in the number of ransomware attacks – where attackers lock access to data until a ransom is paid, being deployed. 

The NCSC said it dealt with more than three times as many ransomware incidents compared with last year and noted that criminals were changing their approach during such attacks to increasingly threaten to leak information publicly unless payment is made. The NCSC’s report also revealed it had scanned more than one million IP addresses linked to the NHS for vulnerabilities as part of efforts to protect the health service. Out of 723 cyber incidents between September 2019 and the end of August this year handled by the agency, 194 were directly linked to the coronavirus pandemic.

The NCSC noted that criminals were changing their approach during such attacks to increasingly threaten to leak information publicly unless payment is made.

NCSC:      Sky Sports:       Peebleshire News:     Guardian:    Computer Weekly:

 You Might Also Read: 

Russian Spies Hacked The Korean Olympics:

 

« A ‘FunnyDream’ From China
New British Telecoms Security Law »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

mile2

mile2

Mile2 develop and deliver proprietary vendor neutral professional certifications for the cyber security industry.

British Assessment Bureau

British Assessment Bureau

The British Assessment Bureau is an ISO certification body. We check conformity and compliance of companies to recognised ISO standards including ISO 27001.

Tinfoil Security

Tinfoil Security

Tinfoil is a simple, developer friendly service that lets you scan your website for vulnerabilities and fix them quickly and easily.

Hodgson Russ

Hodgson Russ

Hodgson Russ is a US business law firm. Practice areas include Privacy, Data Breach & Cybersecurity.

CybSafe

CybSafe

CybSafe is a cloud-based platform focussed on addressing the human component of cyber security - an intelligent approach to awareness training.

sayTEC

sayTEC

sayTEC's mission is to develop and deliver next-generation products and services in encrypted data and voice transmission.

Coalition

Coalition

Coalition combines comprehensive insurance and proprietary security tools to help businesses manage and mitigate cyber risk.

Beauceron Security

Beauceron Security

Beauceron's cloud-based platform gives employees a powerful personal cyber-risk coach empowering them to improve their cybersecurity practices and behaviours.

Web3fied

Web3fied

Web3fied is a seed stage company building the future of decentralized digital identity and credentials management.

Guardz

Guardz

Guardz helps small and growing businesses to go from zero or low cyber protection to having comprehensive security – in the quickest and most straightforward way.

ThrottleNet

ThrottleNet

ThrottleNet provides world-class managed IT services and cybersecurity to organizations in St. Louis and throughout Missouri.

Anzen Technology Systems

Anzen Technology Systems

Anzen create software solutions which allows organisations to utilize the public cloud for sensitive or classified information, whilst increasing data security and retaining data sovereignty.

BJSS

BJSS

BJSS is an award-winning technology and engineering consultancy for business.

Virtual IT Group (VITG)

Virtual IT Group (VITG)

VITG is a cyber security-focused Managed Service Provider (MSP).

Sage IT

Sage IT

Sage IT offer a wide range of professional and consulting services to help organizations overcome the challenges of today's ever-changing business environment.

Hunt & Hackett

Hunt & Hackett

Hunt & Hackett helps European companies prevent, detect and respond to today’s most advanced adversaries, safeguarding them against cyberthreats and espionage.