NCSC Come Off Bench To Help Manchester United

The British National Cyber Security Centre (NCSC) is assisting Manchester United with its recovery after a cyber attack, which has meant the football club has been unable to fully restore its computer systems. The NCSC has been advising United, with the club working to ensure the network is secure before switching it back on. In the meantime email is unavailable to staff along with some other operations.

 The Premier League club confirmed the hacking on November 20 and said it was not “aware of any breach of personal data associated with our fans and customers”, however,according to some newspaper reports Manchester United’s network has been affected by ransomware.

It said in a statement: “The club has taken swift actions to contain the attack and is currently working with expert advisors to investigate the incident and minimise the ongoing IT disruption... The club has extensive protocols and procedures in place for such an event and had rehearsed for this risk. Our cyber defences identified the attack and shut down affected systems to contain the damage and protect data.”

The club’s media channels, including its website and mobile app, were not affected, and nor is it currently aware of any breach of fan data it may hold although club staff still do not have access to email and some other functions are still not available.

Manchester United has said it would not comment on who was responsible for this attack or their motives."This attack was by nature disruptive, but we are not currently aware of any fan data being compromised. Critical systems required for matches to take place at the Old Trafford stadium remained secure and games have gone ahead as normal.”

Last week, United informed the Information Commissioner’s Office, as legally required, although they could yet face a fine from the data regulator if fan data is compromised as a result of the attack. On November 13, Ticketmaster was issued a £1.25 million fine for failing to keep its customers’ personal data secure in a 2018 attack.

The NCSC’s annual review showed the organisation defended the UK from more than 700 cyber-attacks over the last year. It noted a rise in the number of ransomware attacks – where attackers lock access to data until a ransom is paid, being deployed. 

The NCSC said it dealt with more than three times as many ransomware incidents compared with last year and noted that criminals were changing their approach during such attacks to increasingly threaten to leak information publicly unless payment is made. The NCSC’s report also revealed it had scanned more than one million IP addresses linked to the NHS for vulnerabilities as part of efforts to protect the health service. Out of 723 cyber incidents between September 2019 and the end of August this year handled by the agency, 194 were directly linked to the coronavirus pandemic.

The NCSC noted that criminals were changing their approach during such attacks to increasingly threaten to leak information publicly unless payment is made.

NCSC:      Sky Sports:       Peebleshire News:     Guardian:    Computer Weekly:

 You Might Also Read: 

Russian Spies Hacked The Korean Olympics:

 

« A ‘FunnyDream’ From China
New British Telecoms Security Law »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

360Logica

360Logica

360Logica is a software testing company offering numerous kinds of testing services to improve the quality and performance of your software and IT systems.

Centripetal Networks

Centripetal Networks

Centripetal Networks was founded with one vision - to protect networks from advanced threats by simplifying intelligence-driven security.

OPSWAT

OPSWAT

OPSWAT is a software company that provides solutions to secure and manage IT infrastructure.

Deductive Labs

Deductive Labs

Deductive Labs consulting services help customers with their technology, security and automation challenges.

Magal Security Systems (Magal S3)

Magal Security Systems (Magal S3)

Magal Security Systems is a leading international provider of integrated solutions and products for physical and cyber security, safety and site management.

Pareteum

Pareteum

Pareteum is a leading Global provider of mobile networking software and services. Our mission is to provide a single solution to the problem of fully enabling and securing the Mobile Cloud.

US Secret Service

US Secret Service

The US Secret Service has a pivotal role in securing the nation’s critical infrastructures, specifically in the areas of cyber, banking and finance.

BlackFog

BlackFog

BlackFog is a leader in device data privacy, data security and ransomware prevention. Our behavioral analysis and anti data exfiltration technology stops hackers before they even get started.

Mage Data

Mage Data

Mage (formerly Mentis Software) is a leading solutions provider for data security and data privacy software for global enterprises.

Virtual Technologies Group (VTG)

Virtual Technologies Group (VTG)

Virtual Technologies Group is a single source, IT product and services provider for SMBs and IT departments, delivering reliable, cost-efficient service, maintenance and support solutions.

AI Spera

AI Spera

AI-Driven Cyber Threat Intelligence Security. AI Spera provides real-time intelligence to empower your security competences in all aspects of the business.

Ostrich Cyber-Risk

Ostrich Cyber-Risk

Ostrich Cyber-Risk is a risk management company that helps organizations reduce the complexity of identifying financial and operational risks related to your cybersecurity posture.

Omega Systems

Omega Systems

Omega Systems is a leading managed service provider (MSP) and managed security service provider (MSSP) to mid-market organizations.

RB42

RB42

RB42 (formerly Nexa Technologies) provide cyber defense solutions (ComUnity, secure and encrypted messaging, detection of interception tools, etc) and cyber defense consultancy service.

Lightpoint Global

Lightpoint Global

Lightpoint Global is a bespoke software development company. We also provide a spectrum of services such as IT consulting, business analysis, QA and testing, and DevOps services.