As more of the world’s economies adopt digitalisation, the hunting grounds for threat actors grow larger and the number of cyber attacks increases. The difficulty lies in trying to quantify the amount of damage that these attacks cause.
The first report from Thomas Murray's Analytics Lab that seeks to do just that. Calculating the cost of cyber attacks: An economic analysis of the worldwide impact represents the first step in overcoming a frustrating lack of data when it comes to the economic impact of cyber crime.
This article provides an overview of the team’s groundbreaking approach and a summary of its fascinating initial findings. Discover more about their innovative approach to measuring one of the greatest challenges to global economic growth.
The NIS Directive, as the first EU cyber security law, aimed to enhance the resilience of network and information systems across the EU. In many respects it was successful, though it had limitations. These were laid bare during the coronavirus pandemic, which accelerated the move to online services in ways the drafters of the original NIS Directive did not anticipate.
It is intended that NIS 2 will address the unintended gaps of NIS 1. Described by the European Commission as "NIS 1 on steroids," NIS 2 expands the scope of the original Directive. It also intersects with other EU initiatives in the governance, risk and compliance sphere, such as DORA and CER.
Thomas Murray has been monitoring a growing level of cyber attacks on the world's financial sector, particularly banks. These attacks can often be linked to geopolitical events that have created an overlap of ideals and agendas between various hacktivist groups.
On 17 January, our threat intelligence lead held an exclusive live broadcast for our clients. He also created this whitepaper, in which he sets out his key findings. It explains who the major hacktivist groups are, what their favoured attack method is, who they target, how they are allied, and what their motivations are. He also sets out what organisations can do to protect themselves. If you would like to watch a recording of the live broadcast, you can request a link here.
This week, we revisit the explosive claims, made by the Guardian newspaper last month, that the Sellafield nuclear site had been hacked. The UK government strenuously denied that Sellafield had been breached, though the Office for Nuclear Regulation did admit that Sellafield Ltd, “is currently not meeting the high standards that we require in cyber security.”
The reports got one of our resident digital forensics and incident response experts thinking. What might threat actors hope to achieve with access to a nuclear plant that’s currently being decommissioned? And what are the wider lessons for all sectors?
Welcome to the first entry in our Cyber Series. This week, we explore the Post Office Horizon software scandal in the UK. The flawed Horizon accounting system developed by Fujitsu led to the wrongful prosecution of numerous sub-postmasters for theft and false accounting.
Our Director of eDiscovery and Litigation Support, Martin Nikel, critically examines the technological failures and legal and governance issues that resulted in one of the most significant corporate failures in UK history.