NCSC Threat Report Poster

NCSC Threat Report – 24th February 2023

Microsoft Edge update disables Internet Explorer 11 app

Microsoft began to disable the Internet Explorer (IE) 11 app on certain versions of Windows 10 last week as part of a planned process of retiring the legacy browser.

Internet Explorer 11 has been out of support since June 2022 and, starting from 14th February, Microsoft said the app will be permanently disabled via a Microsoft Edge update being rolled out.

Organisations that have already transitioned to using Edge will not be affected by the update; however users that have not previously been redirected will be told that IE has been retired. Microsoft has said if users face any issues with IE-based sites after the update, they can still be accessed using the IE mode on the Edge browser.

The NCSC has published guidance on the importance of keeping software up to date and switching away from software when it is no longer supported as soon as practicable.

EU agencies warn of malicious cyber activities by APT groups

The European Union Agency for Cybersecurity (ENISA) and Computer Emergency Response Team (CERT-EU) jointly published an alert last week about sustained cyber activity by specific threat actors.

The publication warned that the threat groups APT27, APT30, APT31, Ke3chang, Gallium and Mustang Panda had been observed targeting business and governments in the EU, with recent activity focused on information theft, primarily via establishing persistent footholds within networks.

The EU has previously urged the Chinese authorities to take action against malicious cyber activities undertaken from their territory, adding that member state Belgium and commercial reporting had linked the named threat groups to Chinese actors.

ENISA and CERT-EU have called on all public and private sector organisations to take action to reduce the risk of being compromised and improve their cyber resilience by following the recommended mitigations in the report.

Organisations of all sizes can be targeted by a range of cyber actors so it is vital they put defences in place. The NCSC has published guidance to help public sector organisationslarger organisations and SMEs protect themselves online.

Report shows huge 2022 increase in ransomware against industrial networks

report by Dragos shows that the number of ransomware attacks against industrial infrastructure nearly doubled in 2022.

The report analysed major international incidents and identified increased attacks against manufacturing and operational technology (OT) in particular.

The report also reviews new threat groups in 2022, updates on active threat groups from the year and looks at ICS/OT vulnerabilities.

The NCSC has guidance for organisations advising how to protect networks against ransomware, as well as guidance on OT.

New guidance on supply chain mapping from the NCSC

Building on existing supply chain guidance, the NCSC has published new guidance to help organisations better understand the process of recording, storing and using information from suppliers.

Weaknesses in the supply chain are known to be a major cyber security risk for organisations, and there have been several high-profile supply chain attacks in recent years.

This guidance is aimed at procurement specialists, risk managers and cyber security professionals and will help organisations to grasp this complex area.

Recent posts