Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity comment the cyber-attack on the Electoral Commission
After the cyber-attack on the Electoral Commission, affecting the details of tens of millions of voters has broken this afternoon. The commentary from Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity discusses why the attack is so concerning and what businesses and the affected individuals should be doing to protect themselves against future cyber-attacks.
"The attack on the Electoral Commission is concerning – one concern here is that the stolen data could help to fuel future cyber-attacks and other types of fraud. Also, if a nation-state actor was at work here, this data could be used to boost any influence campaigns they are running against UK targets, in an effort to support that nation’s competitive agenda.
The fact that name and home address data has been stolen is worrying, as it could contribute to targeted social engineering attacks on the victims involved. My message to voters who may have been affected is to remain vigilant for future scam messages or other communications that may use your name and address to purport legitimacy, and to react with appropriate suspicion. Staying alert and not clicking on suspicious links or providing personal details, whether financial or password related, is the best way to stay protected from all types of phishing emails.
Organisations should learn from this latest breach by ensuring they’re doing everything they can to protect themselves and their data in a world where new cyber risks and dangers are evolving at compute speed. We’ve seen that increased employee flexibility around remote working practices often means increased cybersecurity risks. As a result, organisations must work with their staff to create strong cybersecurity habits so best-practice becomes second nature. To mitigate against cyber threats, regular education and phishing simulations are a must, and all employees and companies must stay updated with current trends. Rather than viewing data protection as a box-ticking exercise, it should be a key priority and integrated into every aspect of an organisation. Employee awareness and vigilance is the most powerful tool in the Cyber Resilience kit-bag."