We’d like to start this post by saying that our thoughts are with everyone that is affected by the ongoing conflict in Ukraine. As widely reported in the news, we are also actively monitoring the increased level of malicious cyber activity related to the situation.
Businesses should be under no illusions: the cyber security shock waves from the Ukraine crisis will extend across the world. It’s therefore important to stay informed and act quickly so that your business is protected.
With that in mind, this post aims to provide information and insights about the current situation based on our own research and offer advice on how to defend your business against potential cyber attacks.
Our Security Operations Centre (SOC) is actively monitoring all activity from customer logs via our Security Information and Event Management (SIEM) technology and wider threat intelligence sources. Our team remains on high alert for any deviations and is monitoring for suspicious activity. This includes, but is by no means limited to, the following:
Our SOC team encourages all organisations to put extra measures in place to actively monitor environments for suspicious activity. One of the most proactive steps you can take is to ensure that logs are being sent from all necessary areas of your network so that you can maintain an accurate, detailed overview of your entire attack surface.
Where possible, we are conducting further investigations for our clients with a particular focus on organisations operating in financial services, infrastructure and public sectors. This precaution comes as a result of our own research, which has shown increased activity since 20th January 2022 targeting the financial and insurance industries in particular.
Generally, we suspect the threat to the UK may increase in these sectors specifically. If this is the case, the attacks will likely have destruction and espionage motives against larger organisations, though we cannot rule out the case of malicious opportunist hackers who may present a higher risk to smaller businesses.
On social media there has been an increase in activity amongst bug bounty hunters and members of the community that are actively discussing using the cloud to conduct DNS reflection attacks. Some of these discussions include an ‘attack list’ of target IP addresses, which all seemingly originate in the East.
At this time we are not aware of the HermeticWiper malware affecting UK organisations. The indicator of compromise (IOC) has been included as part of our additional detection queries which our SOC are monitoring in real-time. We will be doing our part to assess the situation regularly and disclose any information that suggests it has changed.
It is tough to pinpoint exactly what types of attacks could target UK businesses. For this reason, we highly recommend applying the usual IT hygiene and security best practice.
Our recent research shows that 83% of all cyber attacks are phishing attacks. For this reason, we would encourage organisations to be extra vigilant against this attack vector, including watering hole and ‘vishing’ attacks, due to their ease of entry.
From a technical stance, we recommend all businesses ensure up-to-date system security patches are applied without delay across firmware, client devices and servers. Additionally, customers should update their anti-virus, IPS/IDS, and EDR solutions. These are fundamental steps in cyber security and are now even more important given the current, escalated threat landscape.
Our research also showed that 28% of businesses have critical vulnerabilities that could be immediately exploited as part of a cyber attack. It is therefore vitally important to identify and remediate vulnerabilities on an ongoing basis to avoid opportunistic attacks.
Nation state actors are much more likely to find zero-day vulnerabilities due to the resources available to them, and other hacking groups will quickly take advantage of these exploits once they become common knowledge. So on a final note, ensure you keep informed about the latest developments in the news, regularly monitor your organisation’s environments for suspicious activity and make sure that you are patching systems as quickly as possible.
While we can’t predict exactly what the cyber risk to UK organisations will be as a result of the Ukraine crisis, history tells us that the majority of attacks are successful due to poor cyber security practice and a lack of awareness. It’s therefore important to take action in order to reduce risk and prevent opportunistic attacks.
Information security wizard, evangelist, and guru – not to mention co-founder of Bulletproof. Oli’s always sharing deeply interesting and insightful things on this blog and on his LinkedIn. With many years of experience in understanding information security and innovation, Oli’s blogs are always a highlight.