'Data Breaches are a State of Mind' Blog by IS Know How
Several Thousand Websites Hijacked via Accessibility Plugin Browsealoud
#Charity #SocialEnterprise #NonProfits who utilise the Accessibility app #BrowseAloud will want to contact their web developers as soon as possible, upon reading this article and to make sure that they're up to speed in mitigating this attack where necessary.
We think that it's safe to say, this especially won't please the Information Commissioners Office (ICO) who are the UK's Data Protection Regulator. It also goes to show that you can be of the largest organisations, or the smallest, where cyber criminals act largely without impunity and leave a trail of reputational damage and destruction in their wake.
"For several hours today, anyone who visited a site that embedded Browsealoud inadvertently ran this hidden mining code on their computer, generating money for the miscreants behind the caper."Chris Williams, Editor in Chief @ TheRegister.Co.Uk
UK ICO, USCourts.gov... Thousands of websites hijacked by hidden crypto-mining code after popular plugin hacked • The Register
IS Know How's Further Thoughts:
Don't be fooled into the mentality of "We're only a small non profit making organisation, wanting to help our stakeholders". It's rightly noble and incredibly respected by your clients and communities the length and breadth of the UK. However, that is where it ends, when it comes to cyber criminals - as the disruption to your data and business continuity, are just statistics, without the same form of morals or emotions.
We will see how this one plays out in the coming days.
IS Know How can provide your Charity, Social Enterprise or Not-for-Profit with several types of 'Proactive & Affordable Cyber Resilience Services', which are 'Fully Managed, So You Don't Have To' that can be deployed to cover Desktop & Server Endpoints, Email Mitigation, along with Website DDoS Mitigation and you can see those detailed below.
If there is anything else at all that you would like to enquire about, please Call Us on: 02921-679-021 during business hours, or alternatively open a New Support Ticket 24x7x365, and we will respond as promptly as possible.
We look forward to engaging with your Third Sector Organisation, where we combine the 'Complexity of Cyber Security, with the Simplicity of your organisations risks being Managed For You'.