A cyber-attack is any type of offensive manoeuvre employed by nation-states, individuals, groups, or organisations that targets computer information systems, infrastructures, computer networks, and/ or personal computer devices by various means of malicious acts. These attacks usually originate from an anonymous source that either steals, alters, or destroys a specified target by ‘hacking’ into a susceptible system.
The integration of the internet into our daily lives has been a continuous trend in the 21st century. Individuals, businesses, charities, and government all rely on digital technology and online capability, including in the delivery of essential and public-facing services. The COVID-19 pandemic has emphasised our reliance on digital technologies, both through personal communication and our ability to work remotely. Any sector of our economy and society that uses IT networks and systems is vulnerable to the threat. Cybercrime covers all crimes that:
Risks from cybercrime are many and varied. Information, that individuals and businesses hold, can be lost, damaged, or stolen. Data may be held to ransom, which creates reputational and financial risks to both individuals and businesses. Cyber-attacks can also affect management of utilities and the internet, impacting availability of these services locally or more widely. For businesses, cyber-attacks are costly and will impact on business productivity and may take a long time to recover from. Breeches in data releases or financial control can result in legal risks too, exacerbating impacts further.
Collaboration across agencies utilising technological capability brings many benefits, but also increases the potential for cyber-attacks. There are more routes through which vulnerabilities can be exploited and impacting not just the targeted agency, but also those connected through technologies. Supply chains are an area of risk when a supplier of a critical product or service is targeted, it can lead to compromise of systems and data in sensitive areas of public services.
Cyber security is essential to prevent cybercrime and is how organisations reduce the risk of a cyber-attack.
The National Cyber Security Centre (NCSC) support organisations as well as the general public who are impacted by cyber incidents. Further information on the SCSC is available via the following link.
The National Cyber Security Strategy 2022 sets out the government’s plan to make Britain secure and resilient in cyberspace.
It is the responsibility of individual organisations to maintain cyber-resilience within their own organisation; ensuring that they have plans in place to prepare for and mitigate the impacts of a ‘significant’ cyber incident.
In the event of a ‘significant’ cyber incident, the NCSC is responsible for triaging cyber-incidents, notifying cross-UK incident stakeholders, and coordinating the cross-UK response to the cyber elements of the incident to reduce harm to victims. The NCSC is responsible for the technical response to the incident but not for the management of consequences or impacts, especially at a local level.
It is recognised within Hampshire and Isle of Wight that a cyber-attack on an organisation within Hampshire and Isle of Wight could have secondary impacts impacting partner agencies who may be reliant on a service from the affected organisation. To ensure that as a partnership we can respond to cyber incidents a Cyber Framework has been developed which is designed to assist in identifying some of the key considerations in the event of a cyber-attack which may have a wider impact than the affected organisation(s) independently.
Personal cyber security is important and can reduce the risk of a cyber-attack. Cyber security is about personal behaviour as much as it is about technology. By ensuring you follow and undertake preventative steps you can limit the likelihood of a cyber-attack.
© 2024 Hampshire & Isle of Wight Local Resilience Forum. All rights reserved.