Tag: Cyber Threats

  • UK Launches New Software Security Code of Practice Amid Rising Cyber Threats

    As the global cybersecurity landscape becomes increasingly fraught with challenges, the United Kingdom has taken a significant step forward in software security initiatives. On May 7, the National Cyber Security Centre (NCSC) and the Department of Science, Innovation, and Technology introduced a voluntary Software Security Code of Practice aimed at establishing baseline security protocols for software development. This initiative comes at a crucial time, as threats targeting software supply chains continue to rise.

    The Code of Practice includes 14 essential principles categorized into four main themes: secure design and development, build environment security, secure deployment and maintenance, and effective communication with customers. Notably, the NCSC emphasizes that software vendors carry the responsibility for ensuring security throughout the development lifecycle, which includes safeguarding third-party components. These principles aim to bolster transparency regarding legacy software and significant incidents that could affect users, as highlighted by the NCSC’s official blog.

    Senior leaders in software organizations are now urged to prioritize security measures and enforce these guidelines across their teams. The NCSC suggests that employees gain formal qualifications and receive training in secure coding standards, ensuring a culture of security within software development environments. Despite these efforts, critics argue that the technology market’s focus on growth often comes at the expense of security, leading to a troubling gap in the development of secure products.

    This new Code of Practice is part of an ongoing government strategy, pursued over the past decade, to enhance cybersecurity across the UK. Previous frameworks, such as the 2018 Code of Practice for Consumer IoT Security and the Product Security and Telecommunications Infrastructure Act, have laid crucial groundwork for raising security standards in device development. Advocates like Beau Woods, a cyber safety expert with I Am the Cavalry, stress that the acknowledgment of these principles signifies a shift towards making security practices the norm rather than an exception.

    While the Software Security Code of Practice marks significant progress toward a more secure software environment, its voluntary nature raises questions about its effectiveness. Industry experts, including Tony Anscombe of ESET, acknowledge the absence of regulatory mechanisms that would compel compliance. Many existing principles, such as those outlined by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST), operate on a similarly voluntary basis, which raises the question of whether self-regulation alone can keep pace with rapidly evolving cyber threats. Continued advocacy from government and industry stakeholders will be crucial in ensuring that these standards are not only adopted but also effectively implemented.

    Looking ahead, the success of this initiative hinges on widespread adoption and the establishment of a culture of accountability in software development. If embraced broadly, the fundamental principles outlined in the Code could address significant vulnerabilities throughout the software life cycle. Discussions about the potential for a certification scheme based on these guidelines suggest that future steps could further solidify these practices within the industry.

  • 2025 Mobile Threat Report Reveals Shift Towards Mobile Cyberattacks

    The mobile threat landscape has undergone a significant transformation, according to Zimperium’s 2025 Global Mobile Threat Report. The report indicates that attackers are increasingly focusing their efforts on mobile devices, which have evolved from being a secondary risk to a primary attack surface for enterprises.

    One of the most alarming findings from the report is the rise of mobile phishing, referred to as ‘mishing.’ This type of threat now accounts for one-third of all mobile threats, with SMS phishing (or ‘smishing’) making up over two-thirds of this category. The United States has emerged as the most targeted region, placing American businesses at heightened risk from these sophisticated attacks.

    In addition to phishing, the report highlights serious vulnerabilities associated with sideloaded apps and outdated devices. Nearly 25% of enterprise devices contain sideloaded applications installed outside official app stores. These applications frequently include counterfeit or altered versions of legitimate apps that can stealthily steal sensitive data or install malware. Moreover, approximately 25% of mobile devices remain unable to upgrade to the latest operating system versions, leaving them exposed to known exploits.

    Another critical point raised in Zimperium’s report is the vulnerability of work applications. The report discovered that 23% of apps utilized on work devices engage with servers located in high-risk or embargoed countries, often communicating sensitive data without proper encryption. To mitigate these risks, Zimperium’s CEO, Shridhar Mittal, suggests that organizations must develop a comprehensive mobile security strategy that includes thorough vetting of both third-party and in-house applications.

    The report emphasizes the importance of device attestation as a critical component of mobile security. Even the most secure applications can be compromised if they operate on rooted, jailbroken, or malware-infected devices. To combat this issue, Zimperium advocates for the implementation of device attestation across all critical mobile apps.

    As companies continue to embrace mobile technology for productivity and customer engagement, the report warns that cybercriminals have adapted to this mobile-first environment. The importance of implementing robust mobile security measures is underscored by the fact that 70% of organizations support Bring Your Own Device (BYOD) policies and actively develop mobile applications for their workforce and clients.

  • Rising Cyber Threats in the Energy Sector: A Closer Look

    Cyber threats targeting the energy sector are evolving, posing a significant risk to national infrastructure in the UK and US. According to research by Darktrace, these threats come in various forms, including state-sponsored attacks, profit-driven cybercriminal activity, and malicious insider actions. The impact of successful attacks can be devastating, potentially disrupting energy supplies and leading to severe economic and social damages.

    Email remains the primary conduit for such cyber threats, with 55% of incidents in both the US and UK involving phishing attacks aimed at harvesting credentials. Often, these attacks are executed through seemingly legitimate emails that compromise cloud-based services, such as Microsoft 365. Ransomware attacks have also surged, accounting for 18% of incidents, with notorious groups like ALPHV/BlackCat and Fog leading the charge.

    Incidents are on the rise, particularly in Europe, the Middle East, and Africa (EMEA), where renewable energy producers have faced heightened scrutiny from adversarial actors. Notable examples include targeted espionage campaigns against major companies like Honeywell and Schneider Electric, apparently linked to the APT28 group from 2019 to 2022. Furthermore, infamous hacking groups such as Sandworm have been implicated in attacks on Ukraine’s electrical infrastructure, highlighting the critical vulnerabilities within the sector’s operational technology.

    The advent of artificial intelligence (AI) in the energy sector presents both opportunities and challenges. While AI promises efficiency, experts warn that without adequate training, its implementation could introduce new vulnerabilities. Mark Bristow of the Cyber Infrastructure Protection Innovation Center at MITRE noted that while theories abound about AI disrupting power grids, the technology remains underdeveloped for such tasks at present.

    Moreover, the energy sector’s reliance on a limited pool of critical vendors exacerbates these risks. As highlighted by the Royal United Services Institute (RUSI), this over-reliance poses a formidable threat, as a single successful attack could have cascading effects on national infrastructure. Energy companies are now increasingly considering cloud hosting for operational technology devices, despite the new vulnerabilities this approach could introduce. With an increasing trend of outsourcing among energy firms, understanding the security posture of vendor software has become ever more critical.