Britain should be prepared for a Category 1 cyber security emergency, according to the National Cyber Security Centre (NCSC). This means that national security, the economy, and even the nation’s lives will be at risk. However, despite this harsh warning, UK businesses still aren’t taking proactive and potentially preventative action to stop these attacks from happening. So just where are UK businesses going wrong and can they turn things around before it’s too late?

Wikipedia was knocked offline in several countries after being hit by a coordinated Distributed Denial of Service (DDoS) attack over the weekend. The Wikimedia Foundation made a statement claiming that the company's server suffered a "massive" DDoS attack and that its Site Reliability Engineering team is working to stop the attack and restore services.

A man-in-the-middle attack (MITM attack) is a cyber attack where an attacker relays and possibly alters communication between two parties who believe they are communicating directly. This allows the attacker to relay communication, listen in, and even modify what each party is saying. Man-in-the-middle attacks enable eavesdropping between people, clients and servers. This can include HTTPS connections to websites, other SSL/TLS connections, Wi-Fi networks connections and more.

A cyber threat (or cyber security threat) is the possibility of a successful cyber attack that aims to gain unauthorized access, damage, disrupt, or steal an information technology asset, computer network, intellectual property or any other form of sensitive data. Cyber threats can come from within an organization by trusted users or from remote locations by unknown parties.

NATO Secretary-General Jens Stoltenberg claimed this week that a serious cyberattack on one member country would trigger a response from all member countries. Stoltenberg claims such an event would trigger a 'collective defense commitment', known commonly as Article 5, an attack on one member of NATO is an attack on all of its members. Article 5 has been involved once in its history - in response to the terrorist attacks on the United States on September 11, 2001.

Industrial control systems are essential to the smooth operation of various national critical infrastructure. While once segmented from the web, these systems are now becoming increasingly more networked and remotely accessible as organizations transform to meet the digital age. This development potentially exposes industrial control systems to digital threats.

A cyber attack (or cyberattack) is any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to a computer system, infrastructure, network, or any other smart device. In some cases, cyber attacks can be part of a nation-states cyber warfare or cyber terrorism efforts, while other cybercrimes can be employed by individuals, activist groups, societies or organizations. Strong organizational wide cyber security controls are now more important than ever.

The cyber kill chain illustrates the structure of a successful cyber attack. It is effectively the hacker’s process from beginning to end, from scoping a target (reconnaissance) all the way to achieving their objective, whether that’s data theft or dropping and executing malware. When approaching your cyber security strategy, you should align your defences to the cyber kill chain. Like Batman becoming fear, to defeat the hacker, you must become a hacker.

The North American Electic Reliability Corporation (NERC) is an international regulatory organization that works to reduce risks to power grid infrastructure. They do this through the continual development of a set of regulatory standards in addition to education, training, and certifications for industry personnel.

The city of Naples in Florida is the latest city to be hit by hackers in a targeted spear-phishing campaign. Hackers disguised themselves as representatives from the Wright Construction Group and targeted the city in a spear-phishing campaign, resulting in the loss of $700,000 from the city. The Wright Construction Group once did infrastructure-related work in downtown Naples. Consequently, a member of an unnamed department transferred $700,000 to a fake bank account provided by the attackers.