ICAEW.com works better with JavaScript enabled.

Cyber round-up: February 2024

Author: ICAEW Insights

Published: 28 Feb 2024

This month we look at the latest stories in the world of cyber, the lessons 2023 has taught us on how to improve cyber security, and the changes to the Online Safety Act.

Deepfakes, data breaches and democracy 

AI-generated deepfakes are increasingly being used maliciously for common scams and fraudulent schemes. 

Earlier this month, a Hong Kong-based firm lost around $25 million to a deepfake scam. A finance employee at the firm received a message about a confidential transaction and was asked to virtually meet with the UK-based CFO and other team members. The CFO and all other attendees were deepfakes created using artificial intelligence. While sceptical at first, following the virtual meeting the finance employee agreed to remit the large sum of money for the secret transaction. The employee realised this was a scam when later contacting the organisation’s head office. While this case has been handed over to Hong Kong police, the investigation is ongoing.

In its 2023 annual review, the National Cyber Security Centre (NCSC) warned that increased sophistication of AI-powered tools will make the spread of disinformation easier. Those with influence and access to sensitive information, including CFOs and other executive figures in organisations, are more likely to be used as leverage in cyber-attacks using deepfake technology. To protect from these threats, individuals may reconsider how much personal information is shared on social media. Beware of accepting unknown connections that may be seeking to cause reputational damage or trick individuals into revealing sensitive information. The UK National Protective Security Authority also has guidance on how to spot false profiles. 

Southern Water recently announced that the organisation had been a victim of a cyber-attack. The company has estimated that data belonging to around 5% to 10% of its customer base, including personal and financial information such as bank account details, may have been stolen for sale on the dark web. This incident was reported to the Information Commissioner’s Office (ICO) and is currently under investigation. Individuals and businesses concerned about a breach of their details have been advised to contact the ICO. 

The ICO has outlined how organisations can use security measures to manage data protection in a beginner’s guide

Several US bodies, including the US National Security Agency, have reported that a Chinese hacking group known as Volt Typhoon has had access to critical US infrastructure. This has raised wider concerns. The NCSC has in turn raised further warnings about state-sponsored cyber-attacks. Cyber-criminals are now using sophisticated techniques, known as ‘living off the land’, to hide their activity on infiltrated networks by blending in with the system and network behaviour.

In response to this threat, the Cybersecurity and Infrastructure Security Agency in the US has launched guidance on how to identify and mitigate ‘living off the land’ techniques with recommendations that include creating a baseline of activity and regularly reviewing logs to note unexpected activity and behaviour. 

Learning from lessons

Cybersecurity AI leader Darktrace has released a report reviewing the cyber threat trends in the second half of 2023. The findings show that Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) were most consistently used in cyber-attacks during this period. MaaS was mostly used to harvest data which was then sold, or as an initial attack which resulted in more damaging malware and ransomware attacks. 

One of the most prevalent ransomware strains includes LockBit, which is believed to be Russian-based. Cyber-criminals can purchase and use LockBit’s services to hack into the computers of organisations and lock out users until a ransom is paid. It is estimated that around 25% of all ransomware attacks in 2023 were conducted using LockBit. This month, in an operation led by the UK’s National Crime Agency (NCA), enforcement authorities were able to disrupt and infiltrate LockBit’s systems. With access to data on LockBit’s activities, the NCA hopes to prevent the return of the hacking group.

Many companies that are victims of ransomware attacks choose not to report the attacks and simply pay the ransom. While there are many reasons why they may do this, including coverage by insurance companies, sharing this information and reporting attacks can be important to help protect organisations from future attacks. The NCSC encourages the reporting of cyber incidents. It also provides an early warning service to inform organisations of potential cyber-attacks as soon as possible.

ICAEW’s Corporate Finance faculty also recently launched a Cyber Security in Corporate Finance guide to help organisations manage cyber risk and improve governance in the context of a corporate finance transaction. 

Online Safety Act launched 

New criminal offences in the Online Safety Act took effect from the end of January this year. The new offences aim to protect people, particularly children, from a wide range of abuse and harm when using online user-to-user services. 

The Online Safety Act intends to hold tech companies and online platforms to account for the content hosted on their sites. It does this by appointing Ofcom as the online safety regulator, giving it powers to restrict access to the services if it finds organisations are not meeting their duties as outlined in the legislation. 

These changes illustrate how embedding proactive risk management as part of a company’s broader approach to governance and compliance will be necessary. Organisations with online services will need to consider and represent user safety at all levels of the organisation. 

You can read more about the act and the new changes here

Want to learn more about cyber security?

Attend ICAEW’s cyber security immersion event on 6 June 2024. This hands-on approach to cyber risk management will be held in person. More details and pricing are available here.

Got an interesting cyber story for us? Email techfac@icaew.com

ICAEW Manifesto

ICAEW sets out its vision for a renewed and resilient UK, drawing on insights and expertise from its members.

Manifesto 2024: ICAEW's vision for a renewed and resilient UK

Recommended content

Keep up-to-date with tech issues and developments, including artificial intelligence (AI), blockchain, big data, and cyber security.

Keep up-to-date with tech issues and developments, including artificial intelligence (AI), blockchain, big data, and cyber security.

Read more
ICAEW Community
Data visualisation on a smartphone
Data Analytics

Helping finance professionals develop the advanced data analytics and visualisation skills needed to succeed in this insight-driven era.

Find out more
latest cyber security articles
Open AddCPD icon

Add Verified CPD Activity

Introducing AddCPD, a new way to record your CPD activities!

Log in to start using the AddCPD tool. Available only to ICAEW members.

Add this page to your CPD activity

Step 1 of 3
Download recorded
Download not recorded

Please download the related document if you wish to add this activity to your record

What time are you claiming for this activity?
Mandatory fields

Add this page to your CPD activity

Step 2 of 3
Mandatory field

Add activity to my record

Step 3 of 3
Mandatory field

Activity added

An error has occurred
Please try again

If the problem persists please contact our helpline on +44 (0)1908 248 250