CyberScotland Bulletin

CATEGORIES

The CyberScotland Bulletin is designed to provide you with information about the latest threats, scams, news and updates covering cyber security and cyber resilience topics. We hope you continue to benefit from this resource and we ask that you circulate this information to your networks, adapting where you see fit. Please ensure you only take information from trusted sources.

If there are any cyber-related terms you do not understand, you can look them up in the NCSC Glossary.

Please subscribe to our CyberScotland mailing list to be notified by email when a new bulletin is published.

Keep up to date on social media, follow us on Twitter and LinkedIn.

NCSC update machine learning security principles

The NCSC’s ‘Principles for the security of machine learning’ were originally published in August 2022. Since then, a huge amount has happened in the world of artificial intelligence (AI) and machine learning (ML), and so the guidance has been updated.

In recognising that AI and ML can bring huge benefits to society, NCSC want to ensure those benefits are realised safely and securely. Using their principles will help people make the right security decisions when developing systems with AI/ML components.

Read the full story here

NCSC Threat Report

The NCSC produces threat reports drawn from recent open-source reporting. View the latest report here.  

To ensure you get the most up-to-date information from NCSC, you can sign up for their email service where they are sharing all advisories, threat reports, and urgent communications. Select ‘threat report and advisories’ to receive the most up-to-date content.

Organisations that are proactive in their approach to the management and handling of cyber security should consider joining the Cyber Security Information Sharing Partnership (CiSP).

Sextortion scams on the rise

Throughout 2022 and 2023, in the UK and internationally, there has been an increase in the reporting of ‘Financially Motivated Sexual Extortion’– often referred to as ‘sextortion’.

Sextortion can refer to a variety of offences committed online. It is most often used to describe online blackmail, where criminals threaten to release sexual/indecent images of you, unless you pay money or carry out their demands.

Read our guidance, provided by the Police Scotland Cybercrime Harm Prevention team, to better understand sextortion and the steps you can take take to prevent becoming a victim here

Scottish Students encouraged to take on major cyber-attack scenario in new challenge

The Cyber 9/12 Strategy Challenge 2024 is an annual cyber policy and strategy competition where students from across the globe compete in developing policy recommendations tackling a fictional cyber catastrophe.

Students will work together to craft actionable policy recommendations in response to a scenario that examines cyber threats to resilience. This competition is only open to students enrolled in colleges and universities based in Scotland.

This year it will be hosted by Abertay University, Dundee in partnership with the Scottish Government, Dewar Cyber Consulting and the Atlantic Council, a foreign policy think tank based in Washington, DC. Registration is now open with the online event taking place on 13 and 14 November 2024.

Find out more information here

UK Finance highlight financial losses through payment fraud and scams in new report

In their Annual Fraud Report 2024 UK finance has reported that fraud remains a major problem as over £1 billion was stolen by criminals in 2023, with much of this criminal activity taking place online.

The total number of Authorised Push Payment cases were up 12% to 232,429. The main driver behind this is purchase scams, where people are tricked into paying for goods that never materialise. The number of romance scams, where victims are tricked into believing they are in a relationship, also reached its highest highs in terms of losses and cases, which were up by 17 per cent (to £36.5million) and 14 per cent respectively.

Read the full story here

To learn about these threats and more check out our new guidance: Cyber Secure Banking: Online threats

CyberByte June: Holiday Scams

This month’s CyberByte focuses on holiday scams. With the summer holiday season fast approaching and perhaps with the excitement of travelling, keep in mind that cyber criminals will still be looking for that one opportunity to attack you online. It is important to be vigilant, to keep safe online and not to make it easy for criminals.

The new guidance promotes the importance of securing your devices, using secure networks and being vigilant about social media posting while on holiday to ensure cyber resilience during the summer season.

Read the full guidance here

New campaign launched by Victim Support Scotland (VSS) to recruit volunteers across Scotland

Do you enjoy helping others? Giving back to your local community? Can you dedicate some time to making a difference? Well, Victim Support Scotland is looking for volunteers, just like you.

Volunteers get hands-on training and are introduced to a variety of learning and networking opportunities. As well as making a difference to individuals in your local community, you’ll also learn new skills and gain experience working within the Scottish criminal justice sector.

Volunteering with VSS means helping victims and witnesses of crime, including cyber crime, receive much-needed free and tailored support as they navigate difficult and upsetting situations.

Find out if you might be a good fit: www.victimsupport.scot/volunteertoday

Trading Standards Scotland, Scam Share Newsletter

Other scams to be aware of are identified in the latest Trading Standards Scotland Scam Share newsletter. You can sign up for the newsletter here.

Check out their #ScamShare Spotlight PDFs focusing on frequently reported email, phone, text and cyber scams in Scotland.