Scottish firms and public bodies should bolster defences against an imminent Russian cyber onslaught, according to a security expert.
Jude McCorry, head of the Scottish Business Resilience Centre (SBRC), warns criminal gangs linked to Putin are plotting disruptive and potentially catastrophic hacking attacks when huge ransoms are demanded for the return of stolen files.
Her warning comes after Scotland’s environment watchdog reportedly spent more than £5 million recovering from a cyber-attack. The Scottish Environment Protection Agency (Sepa) had more than 4,000 files stolen by a hacker group linked to Russia in 2020.
McCorry said: “Many of the gangs doing this are linked to Russia and could be helping the government. They are incredibly sophisticated. One group called Conti has its own marketing department and even a helpdesk.
“One tactic that can be used is business email compromise. They look for businesses that they perceive to have a lot of money.
“Scammers get into the email system after someone clicks on a link and then they can lie dormant for six or seven weeks just analysing how people communicate in emails.
“For example, they might notice that I sign off my emails with my initial rather than my name and they would then use that to impersonate me.
“Everyone needs to remain vigilant and if there is money involved, always think twice. Make sure you check and double check emails are authentic.”
Russian cybercrime group Conti has used ransomware to extort millions from US and European companies. In February, it vowed to attack enemies of the Kremlin at the start of the war in Ukraine.
In a blog post, the Conti group said it was announcing its “full support” for the government of President Vladimir Putin adding: “If anybody will decide to organise a cyber attack or any war activities against Russia, we are going to use our all possible resources to strike back at the critical infrastructures of an enemy.”
Ukraine has been hammered by digital intrusions and denial-of-service attacks during the Russian invasion.
McCorry’s SBRC have worked with police and Royal Bank of Scotland experts to create a guide to safeguard against cyber hackers.
She said: “The travel and tourism sectors are still recovering from the pandemic, evidenced by what we have seen recently with delays and cancellations due to staffing issues.
“Scammers seek to take advantage of would-be travellers who have been left high and dry and are seeking fast solutions.
“This guide gives people the tools to tackle these scammers head on and so lead to fewer fraud victims.”
Other forms of soaring cyber fraud include: Lottery fraud where a person is told they have won a prize in a lottery, but need to pay the criminal an admin fee, racing tip fraud involves the criminal offering racing tips that are ‘guaranteed’ to pay off for a small fee, and rental fraud has risen where the criminal asks for an upfront fee to rent a property, which may not be theirs, or even may not exist.
Last year, an estimated 14,130 cyber-crimes were recorded by police in Scotland.
This almost doubled, with an estimated 7,240 cyber-crimes recorded in 2019-20. Police Scotland’s Assistant Chief Constable Gary Ritchie said: “The fraudsters behind these incidents do not discriminate. They will prey on anyone and have a complete disregard for the impact or consequences of their actions.
“New scams and new versions of scams are constantly emerging. Criminal gangs will move with the times and this has been the case over the past 24 months when we saw a marked increase in the number of online scams. Criminals have used this as an opportunity to hide behind the anonymity of a remote presence, exploit vulnerabilities and expand their activities.
“Online frauds and scams cost the UK an estimated £2 million every day. Online frauds and scams can be difficult to investigate as the criminals responsible are often based overseas which requires complex and co-ordinated investigations.”
The new Little Book Of Big Scams warns about 19 types of scams to look out for and what to do if you fall victim to one.
He added: “Prevention and education are key, so this guide is packed full of practical advice. The impact can be emotional as well as financial, so I urge everyone to download and share the guide with family and friends.”
Go to Home Page