6/22/2020 Weekly Threat Report 19th June 2020 - NCSC.GOV.

UK

REP ORT

Weekly Threat Report 19th June 2020

T he NCSC's weekly threat report is drawn from recent open source reporting.

Poor password practices

A recent study carried out by FICO Consumer Digital Banking, showed only 40% of
people in the UK have separate passwords for their financial accounts. The
research highlighted that just over 20% of UK citizens only use between 2-5
passwords, which are then re-used for financial accounts.

A rise in working from home has made it increasingly important that people
improve their password practices. The NCSC has published guidance on what

https://www.ncsc.gov.uk/report/weekly-threat-report-19th-june-2020 1/4
6/22/2020 Weekly Threat Report 19th June 2020 - NCSC.GOV.UK

makes a good password as well as how to safely access and manage your
passwords across multiple devices using password managers.

The study goes on to provide information that there has been an increase in the
use of biometric security methods for online banking.

The NCSC provides further reading on understanding biometric recognition

technologies which can be found in the biometric recognition and authentication
systems guidance.

Email accounts targeted in phishing campaign

The NCSC continues to provide support to victims of a widespread phishing

campaign targeting a range of organisations in the UK.

The NCSC first raised awareness about this campaign in October last year, stating
that automated attacks designed to harvest credentials had been active since at
least July 2018 and appeared to be spreading indiscriminately across a broad
range of UK sectors.

The campaign targets victims by sending what appears to be a legitimate email

from a known email contact. The email may contain recent communication
between recipients and include links that if clicked redirect to a seemingly
legitimate login page. Any personal information entered can then be used
nefariously by criminals.

The NCSC has further information and guidance on dealing with suspicious emails,
phone calls and text messages including our Suspicious Email Reporting Service.

US network outages cause widespread speculation

“DDoS” was trending on Twitter on Monday with internet services and mobile
carriers down for people across the US.

https://www.ncsc.gov.uk/report/weekly-threat-report-19th-june-2020 2/4
6/22/2020 Weekly Threat Report 19th June 2020 - NCSC.GOV.UK

Claims that a massive DDoS (Distributed Denial of Service) attack was underway
were spread by a supposed Anonymous News Twitter account. Anonymous is a
longstanding hacktivist group that has allegedly remerged in 2020.

T Mobile, one of the US’ main network operators, issued a statement saying that
voice and text issues had been impacting customers across the country. Later in
the week, T Mobile published a technical statement revealing that the outage was
down to a leased fibre circuit failure that resulted in a sharp rise in IP traffic.

When any social media rumours about a cyber attack spread, the NCSC
recommends checking official sources to verify the details. Official Twitter
accounts belonging to government organisations and vendors that you trust are
good places to start.

The NCSC has guidance on handling DDoS attacks available.

Australia responds to targeting of government and critical

infrastructure

This week the Australian Prime Minister announced the country was aware of, and
responding to, malicious cyber activity targeting Australian governments and
critical assets by a “sophisticated state-based actor”.

The NCSC continues to work closely with our Australian partners on their
investigations. The Australian Cyber Security Centre’s (ACSC) technical advisory is
available at https://www.cyber.gov.au/news/advisory-2020-008-copy-paste-
compromises-tactics-techniques-and-procedures-used-target-multiple-
australian-networks. 

PUBLISHED

19 June 2020

WRIT T EN FOR i

Self employed & sole traders

Large organisations

https://www.ncsc.gov.uk/report/weekly-threat-report-19th-june-2020 3/4
 6/22/2020 Weekly Threat Report 19th June 2020 - NCSC.GOV.UK

Cyber security prof essionals

Public sector

Small & medium sized organisations

Individuals & f amilies

https://www.ncsc.gov.uk/report/weekly-threat-report-19th-june-2020 4/4