Phishing is a cyber attack that gathers sensitive information like login credentials, credit card numbers, bank account numbers or other financial information by masquerading as a legitimate site. Personal information like social security numbers, phone numbers and social media account information are also common targets for cybercriminals who perform identity theft. Phishing scams trick victims by using social engineering to create a sense of urgency.

What is CSIRT? CSIRT (pronounced see-sirt) refers to the computer security incident response team. The main responsibility of the CSIRT is to expose and avert cyber attacks targeting an organization. As the number of cyber threats grow each and every day, the importance of having a security team that is solely focused on incident response (IR) is fundamental.

Britain should be prepared for a Category 1 cyber security emergency, according to the National Cyber Security Centre (NCSC). This means that national security, the economy, and even the nation’s lives will be at risk. However, despite this harsh warning, UK businesses still aren’t taking proactive and potentially preventative action to stop these attacks from happening. So just where are UK businesses going wrong and can they turn things around before it’s too late?

A man-in-the-middle attack (MITM attack) is a cyber attack where an attacker relays and possibly alters communication between two parties who believe they are communicating directly. This allows the attacker to relay communication, listen in, and even modify what each party is saying. Man-in-the-middle attacks enable eavesdropping between people, clients and servers. This can include HTTPS connections to websites, other SSL/TLS connections, Wi-Fi networks connections and more.

A cyber threat (or cyber security threat) is the possibility of a successful cyber attack that aims to gain unauthorized access, damage, disrupt, or steal an information technology asset, computer network, intellectual property or any other form of sensitive data. Cyber threats can come from within an organization by trusted users or from remote locations by unknown parties.

Industrial control systems are essential to the smooth operation of various national critical infrastructure. While once segmented from the web, these systems are now becoming increasingly more networked and remotely accessible as organizations transform to meet the digital age. This development potentially exposes industrial control systems to digital threats.

A cyber attack (or cyberattack) is any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to a computer system, infrastructure, network, or any other smart device. In some cases, cyber attacks can be part of a nation-states cyber warfare or cyber terrorism efforts, while other cybercrimes can be employed by individuals, activist groups, societies or organizations. Strong organizational wide cyber security controls are now more important than ever.

The cyber kill chain illustrates the structure of a successful cyber attack. It is effectively the hacker’s process from beginning to end, from scoping a target (reconnaissance) all the way to achieving their objective, whether that’s data theft or dropping and executing malware. When approaching your cyber security strategy, you should align your defences to the cyber kill chain. Like Batman becoming fear, to defeat the hacker, you must become a hacker.

The North American Electic Reliability Corporation (NERC) is an international regulatory organization that works to reduce risks to power grid infrastructure. They do this through the continual development of a set of regulatory standards in addition to education, training, and certifications for industry personnel.

Digital attacks targeting water facilities are on the rise. In its 2016 Data Breach Investigations Report, for instance, Verizon Enterprise disclosed an incident in which bad actors breached a water treatment plant and altered the levels of chemicals used to treat tap water at that facility. News of this incident came approximately two years after the ONWASA water facility revealed it had suffered a ransomware attack that had disrupted its internal computer system in the wake of Hurricane Florence.