What is a cyber-attack?

A cyber-attack is any type of offensive manoeuvre employed by nation-states, individuals, groups, or organisations that targets computer information systems, infrastructures, computer networks, and/ or personal computer devices by various means of malicious acts. These attacks usually originate from an anonymous source that either steals, alters, or destroys a specified target by ‘hacking’ into a susceptible system.

The integration of the internet into our daily lives has been a continuous trend in the 21st century. Individuals, businesses, charities, and government all rely on digital technology and online capability, including in the delivery of essential and public-facing services. The COVID-19 pandemic has emphasised our reliance on digital technologies, both through personal communication and our ability to work remotely. Any sector of our economy and society that uses IT networks and systems is vulnerable to the threat. Cybercrime covers all crimes that:

  • take place online.
  • are committed using computers, or
  • are assisted by online technology.

Risks from cybercrime are many and varied. Information, that individuals and businesses hold, can be lost, damaged, or stolen. Data may be held to ransom, which creates reputational and financial risks to both individuals and businesses. Cyber-attacks can also affect management of utilities and the internet, impacting availability of these services locally or more widely. For businesses, cyber-attacks are costly and will impact on business productivity and may take a long time to recover from. Breeches in data releases or financial control can result in legal risks too, exacerbating impacts further.

Collaboration across agencies utilising technological capability brings many benefits, but also increases the potential for cyber-attacks. There are more routes through which vulnerabilities can be exploited and impacting not just the targeted agency, but also those connected through technologies. Supply chains are an area of risk when a supplier of a critical product or service is targeted, it can lead to compromise of systems and data in sensitive areas of public services.

Cyber security is essential to prevent cybercrime and is how organisations reduce the risk of a cyber-attack.

The National Cyber Security Centre (NCSC) support organisations as well as the general public who are impacted by cyber incidents.  Further information on the SCSC is available via the following link.

NCSC website

Digital,Padlock,Icon,,Cyber,Security,Network,And,Data,Protection,Technology

Local Risk Rating

  • Telecommunications systems – Very High
  • Health and Social Care Systems – Very High
  • Transport Sector – Medium
  • Government critical system loss (public) – Medium
  • Government critical system loss (government) – Medium
  • Government Data Breach (Citizen Data) – Medium
  • Government Data Breach (sensitive information) – Medium
  • Home office managed critical information system – High
  • Defence Assets – Medium

What does the Local Resilience Forum do to prepare?

The National Cyber Security Strategy 2022 sets out the government’s plan to make Britain secure and resilient in cyberspace.

It is the responsibility of individual organisations to maintain cyber-resilience within their own organisation; ensuring that they have plans in place to prepare for and mitigate the impacts of a ‘significant’ cyber incident.

In the event of a ‘significant’ cyber incident, the NCSC is responsible for triaging cyber-incidents, notifying cross-UK incident stakeholders, and coordinating the cross-UK response to the cyber elements of the incident to reduce harm to victims. The NCSC is responsible for the technical response to the incident but not for the management of consequences or impacts, especially at a local level.

It is recognised within Hampshire and Isle of Wight that a cyber-attack on an organisation within Hampshire and Isle of Wight could have secondary impacts impacting partner agencies who may be reliant on a service from the affected organisation.  To ensure that as a partnership we can respond to cyber incidents a Cyber Framework has been developed which is designed to assist in identifying some of the key considerations in the event of a cyber-attack which may have a wider impact than the affected organisation(s) independently.

Associated Risks

  • Insolvency of suppliers of critical services to the public sector
  • Simultaneous loss of all fixed and mobile forms of communication
  • Regional Failure of electricity network
  • Failure of gas supply infrastructure
  • Failure of National Electricity Transmission System (NETS)
  • Technological failure of a systemically important retail bank
  • Technological failure of a UK critical financial market infrastructure
  • Water infrastructure or loss of drinking water
National,Grid,Energy,Network.,Electricity,Pylons,In,Uk,Countryside,,Rural

How can you prepare?

Personal cyber security is important and can reduce the risk of a cyber-attack. Cyber security is about personal behaviour as much as it is about technology.  By ensuring you follow and undertake preventative steps you can limit the likelihood of a cyber-attack.

How to reduce your chances of becoming a victim

  • try using three unrelated words, e.g. fish.book.table; and think of three different words for each account, so if one is compromised the others are safe.
  • never give personal or sensitive details out online or over email
  • make sure all devices have up-to-date anti-virus software and a firewall installed.
  • keep software and apps regularly updated.
  • only download from legal, trusted websites
  • only open emails and attachments from known and trusted sources
  • only ever use websites that start with https://, however make sure that you’re on the correct site by sense-checking the full website address.
  • avoid using public Wi-Fi hotspots that are not secure, use your 3/4G data. If you have no choice but to use Public Wi-Fi, then only use it with a Virtual Private Network enabled on your device.
  • regularly back up your data
  • control your social media accounts – regularly check your privacy settings and how your data is being used and shared.
  • be cautious of internet chats and online dating – there’s no guarantee you’re speaking to who you think.
  • be extremely cautious if you’re asked for money.

Email and Text Scams

  • Be careful when opening emails and texts, especially if you don’t know the sender. If an email or text is unexpected or seems unusual, even if it’s from someone you know, ignore it and contact the sender directly to check if they sent it.
  • Your bank, the police and reputable companies will never ask for sensitive or financial details via email, phone or text.

How to report a cyber crime

  • If you are currently being subjected to a live and ongoing cyber-attack then please contact us on 101.
  • If you suspect you’ve been scammed, defrauded or experienced cyber crime, the Action Fraud team can also provide the help, support and advice you need.
  • Call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).