The sound of The Beatles’ Sun King and the phrase, “This isn’t just any cybersecurity attack…” come to mind. Marks & Spencer is just another one of countless companies to have been attacked, but theirs has made front-page news because it’s one of the UK’s most beloved brands. However, what about companies no one has ever heard of? Are they immune to being targeted?
Take a look at the ICO’s published data on self-reported data breaches.
This provides just a snapshot of the problem businesses face. What might be harder to accept is that cybercrime is on the rise, as is the number of mitigation tools used to combat it. While most business owners believe they have strong cybersecurity measures in place, the majority of UK businesses lack standardised, ongoing training for their staff.
The official government reading on the situation, reported in 2024, revealed the following: Half of businesses (50%) and around a third of charities (32%) report having experienced some form of cybersecurity breach or attack in the last 12 months. These figures are higher for medium businesses (70%), large businesses (74%), and high-income charities with £500,000 or more in annual income (66%).
The most common type of breach or attack by far is phishing (84% of businesses and 83% of charities), followed by impersonation of organisations in emails or online (35% of businesses and 37% of charities), and then viruses or other malware (17% of businesses and 14% of charities).
So what can you do? Should you add more mitigation or more training? There is no one-size-fits-all approach. However, having your business well-educated, with good systems in place and a person or company aligned with your business goals, will help start the roadmap to success. For many companies, cybersecurity entails constant checks and maintenance to ensure their systems are where they need to be.
What about incidents such as the one that happened to Marks & Spencer? The NCSC has provided free advice for mitigating malware and ransomware attacks. However, implementing it can be tricky. If you think you may need help, don’t hesitate to reach out, as I’m happy to offer guidance.
NCSC Guidance
To mitigate malware and ransomware attacks, organisations are strongly encouraged to:
- Ensure two-step verification (multi-factor authentication) is deployed comprehensively.
- Enhance monitoring against unauthorised account misuse, such as looking for ‘risky logins’ within Microsoft Entra ID Protection, where sign-in attempts are flagged as potentially compromised due to suspicious activity or unusual behaviour, particularly where the detection type is "Microsoft Entra Threat Intelligence".
- Pay specific attention to Domain Admin, Enterprise Admin, and Cloud Admin accounts, ensuring that access is legitimate.
- Review helpdesk password reset processes, including how the helpdesk authenticates staff members' credentials before resetting passwords, especially for accounts with escalated privileges.
- Ensure your security operations centres can identify logins from atypical sources, such as VPN services in residential ranges, through source enrichment and similar methods.
- Develop the ability to quickly consume techniques, tactics, and procedures sourced from threat intelligence and respond accordingly.
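As an added illustration (not part of the NCSC guidance or of this article), the sketch below shows how a security team might rank exported Entra ID Protection risk detections so that the "Microsoft Entra Threat Intelligence" detection type, admin accounts and enriched atypical sources are reviewed first. Field names follow the Microsoft Graph riskDetection resource; the accounts, IP addresses, enrichment table and priority scheme are constructed assumptions.

```python
"""Rank exported Entra ID Protection risk detections for review (added example)."""
import json

# Graph riskEventType value for the "Microsoft Entra Threat Intelligence" detection type.
THREAT_INTEL = "investigationsThreatIntelligence"

# Constructed sample data: records shaped like Microsoft Graph riskDetection objects.
SAMPLE = json.loads("""[
 {"userPrincipalName": "da-jsmith@example.test", "riskEventType": "investigationsThreatIntelligence",
  "riskLevel": "high", "ipAddress": "203.0.113.10", "detectedDateTime": "2025-05-01T08:14:00Z"},
 {"userPrincipalName": "alice@example.test", "riskEventType": "unfamiliarFeatures",
  "riskLevel": "low", "ipAddress": "198.51.100.7", "detectedDateTime": "2025-05-01T09:02:00Z"},
 {"userPrincipalName": "bob@example.test", "riskEventType": "investigationsThreatIntelligence",
  "riskLevel": "medium", "ipAddress": "198.51.100.23", "detectedDateTime": "2025-05-01T09:30:00Z"},
 {"userPrincipalName": "cloudadmin@example.test", "riskEventType": "unfamiliarFeatures",
  "riskLevel": "medium", "ipAddress": "203.0.113.77", "detectedDateTime": "2025-05-01T10:45:00Z"}
]""")

# Hypothetical inputs: the organisation's privileged accounts (Domain, Enterprise
# or Cloud Admin) and an IP enrichment table built from a source-enrichment feed.
PRIVILEGED = {"da-jsmith@example.test", "cloudadmin@example.test"}
IP_ENRICHMENT = {"203.0.113.77": "residential_vpn"}


def priority(det, privileged, enrichment):
    """Return 1 (most urgent) to 4 for a single detection record."""
    admin = det["userPrincipalName"].lower() in privileged
    intel = det["riskEventType"] == THREAT_INTEL
    atypical = enrichment.get(det["ipAddress"]) == "residential_vpn"
    if admin and (intel or atypical):
        return 1  # privileged account plus a strong signal
    if admin or intel:
        return 2  # either signal alone still needs prompt review
    if atypical or det["riskLevel"] == "high":
        return 3
    return 4


def triage(detections, privileged, enrichment):
    """Sort detections by priority, then by detection time (oldest first)."""
    ranked = [(priority(d, privileged, enrichment), d) for d in detections]
    ranked.sort(key=lambda item: (item[0], item[1]["detectedDateTime"]))
    return [(p, d["userPrincipalName"], d["riskEventType"]) for p, d in ranked]


if __name__ == "__main__":
    for row in triage(SAMPLE, PRIVILEGED, IP_ENRICHMENT):
        print(row)
```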
About Apex Computing
Apex takes pride in providing IT support and cybersecurity services to businesses across the Northwest. We aim to make IT simple for all business owners and leaders. Based in Salford Quays, we have been providing bespoke and quality IT support for over 20 years. We employ IT experts and leaders who will help align your business with the current IT landscape and your business goals.