Cyber security expert calls on UK business to alert staff to likely rise in phishing attacks this week and ensure their multi-factor authentication is turned on

Late last week, the UK Government issued a warning that they are expecting to see a huge increase in phishing attacks on UK businesses from Russia and Iran in the coming days. The National Cyber Security Centre (NCSC) – a part of GCHQ – has also shared some details about the techniques and tactics used by the attackers as well as mitigation advice to combat the continuing threat.

Rob Quickenden, CTO, Cisilion says. “We know that multi-factor authentication (MFA) is still poorly adopted by many businesses, yet it is the most effective method against credential stealing. We are expecting spear-phishing – which involves an attacker sending malicious links, for example via email, to specific targets in order to try to induce them to share sensitive information. If businesses are using MFA it’s the best way to stop the attackers in their tracks.

“At a minimum to ensure your business is protected, you should be doing the following eight things today…

1. Ensure your MFA is activated for all users and admins – ideally linked to Risk Based Conditional Access.

2. Ensure legacy authentication protocols are blocked.

3. Block sign-in to shared mailboxes.

4. Disable external email forwarding – vector used to compromise and steal data and should ideally be controlled by your IT department.

5. Ensure services like Azure Identity protection is enabled, Defender for Office 365 (or Cisco Mail Security if they use that) are deployed.

6. Ensure devices are compliant and updated – ideally with XDR solutions like Defender for Endpoint rather than just simple antivirus software.

7. Ensure you tell staff about the likely increase in attacks and ask them to be extra vigilant – they are your best line of defence.

8. And finally, if you are a Microsoft 365 subscriber, use “secure score” to help you adhere to basic cyber security hygiene or leverage Microsoft funded security workshops via your partner to help educate, enable and adopt what you’ve already got.

“We find many organisations use multiple products from many different vendors which doesn’t always provide a holistic, joined up and integrated approach to security. Whilst not a quick switch flick, reviewing your wider security strategy and consolidating vendors should be on your list for improving your 2023 security plans,” says Rob.