InfoSec / Cyber

NCSC Weekly Threat Report October 15th

With cyberthreats becoming an increasingly worrying issue for organisations and the security of the data they hold, we thought it would be beneficial to write a weekly cyber security threat report

in order to highlight the wide ranging sectors which are impacted by cyber hacking, and therefore how important it is that your organisation protects themselves against these threats. We’ll be using case studies of companies that have experienced a cyber attack, and the damage they and their data subjects have suffered as a result. 

The National Cyber Security Centre (NCSC) posts their own weekly threat report which will be our source for these case studies, so if you wish to look at some of these news stories in more detail you can do so by visiting their website here. Other than that, we’ll get into this week’s threat report below.


Twitch Confirms Large Scale Data Breach

The live streaming platform Twitch, which I’m sure students are all too familiar with, have recently experienced a wide spread attack, which has resulted in as much as 100gb of data being posted to social media, and sensitive personal information of many of their most high profile streamers. Twitch have stated that the attack happened as a result of an error in a server configuration change, which meant that their source code could be accessed by a “malicious third party”. 

Amongst other types of data such as which streamers shouldn’t be banned and the reasons why, the hacked code has also meant that numerous popular streamers have had the amount of money they’re paid by Twitch be leaked online as well. As you can imagine this is a massive sensitive data breach. In addition to this, as they have already suffered a breach in this way, they are worryingly more likely to suffer another one.


New Android Malware allows tracking of all user’s activity 

Another lovely story here about Malware allowing hackers to access Android phones and their camera and microphone. This piece of malware was first seen in Canada and has been named “Tanglebot”. The malware allows the hackers to see absolutely anything the user does on their phone, as well as having access to their camera and microphone, seeing their location at all times and being able to view any of their data- scary stuff.

The way the malware is spread to devices is through text messages in a form of phishing, called smishing. This is becoming a more and more popular way of spreading malware and works by getting the user to click on a link in the message, similar to phishing emails. The link then takes you to a page asking you to install Adobe Flash Player and go through a number of dialogue boxes which ends up in the software being downloaded to the user’s phone which installs the malware that allows access to the device’s features and data. 

The NCSC has provided some advice on what to do should you receive any of these suspicious text messages. Should you receive a text message that you suspect to be suspicious, you can forward it to 7726. This is a free to use text messaging service which enables your provider to investigate the origin of the message and take action if it’s found to be malicious. You can also forward any suspicious emails to This email address is being protected from spambots. You need JavaScript enabled to view it., or use their online tool. 


Google announces implementation of 2 Factor Authentication for millions of users by the end of 2021

Google has announced that it is automatically enrolling 150 million Google user accounts and 2 million YouTube accounts onto 2 factor authentication (2FA), which it calls 2 step verification (2SV), by the end of 2021.

It is also making changes to the password manager built into Chrome, Android and the Google App. And has announced further developments to its Google Identity Services.

The NCSC has guidance on setting up 2FA on accounts and Cyber Aware has guidance on turning 2FA on for the most common email and social media accounts.