Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

UK nuclear waste company targeted in cyber-attack

published on 2024-01-08 16:19:27 UTC by philviles
Content:

The organisation in charge of overseeing the management of the UKs radioactive nuclear waste has reported that they were the subject of an attempted cyber attack, and have highlighted that LinkedIn was utilised to facilitate the social engineering aspect of the attack.

The £50 billion Geological Disposal Facility (GDF) project, led by the United Kingdom's Radioactive Waste Management (RWM), aims to establish a substantial underground nuclear waste repository in the country.

RWM, a government-owned entity, facilitated the merger of three nuclear bodies - namely, the GDF project, the Low-Level Waste Repository, and another unnamed waste management entity - to form Nuclear Waste Services (NWS).

Although the full details of the attack or the tactics employed haven’t been released, a statement from Nuclear Waste Services highlights LinkedIn as a key element to the tactics and techniques employed by those responsible.

An NWS spokesperson said:

“NWS has seen, like many other UK businesses, that LinkedIn has been used as a source to identify the people who work within our business. These attempts were detected and denied through our multi-layered defences”.

LinkedIn has long been a repository of useful insights into the people working within organisations that can then be targeted by threat actors. Several campaigns seen in 2023 were reported, highlighting how data from LinkedIn such as job title, department worked in, details of colleagues/line managers were being leveraged by threat actors to aid phishing campaigns.

In early December last year, The Guardian Newspaper also reported that Sellafield had been the subject of cyber attacks from Russian and Chinese state sponsored threat actors, with malware detected within the systems at the site as far back as 2015.

The UK government were quick to respond to these claims with a flat denial of the details being made public by the media outlet.

Organisations should remain vigilant regarding the use of LinkedIn and to think carefully regarding any emails which may be equipped with familiar information that could have been gathered from LinkedIn, even if they appear to be from a trusted source.

Related articles:


Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).


Article: UK nuclear waste company targeted in cyber-attack - published 10 months ago.

https://www.emcrc.co.uk/post/uk-nuclear-waste-company-targeted-in-cyber-attack   
Published: 2024 01 08 16:19:27
Received: 2024 01 08 16:25:23
Feed: The Cyber Resilience Centre for the East Midlands
Source: National Cyber Resilience Centre Group
Category: News
Topic: Cyber Security
Views: 1

Custom HTML Block

Click to Open Code Editor