This week’s Blog concerns the news that the UK government is actively prompting businesses to begin keeping offline copies of their records as a cyber-attack contingency plan. This of course means keeping back-up storage discs in an offline secure location or even reverting to paper records.
National Cyber-Security Centre (NCSC) report
The NCSC’s recently published report described an increase in nationally significant cyber-attacks this year, highlighting the cases of criminal hacks on Marks and Spencer, The Co-op, Harrods and Jaguar Land Rover, to name just a handful of the bigger cases to hit the headlines recently.
These cyber-attacks have led to empty shelves and production lines being halted, as the companies struggled without their computer systems. Organisations need to “have a plan for how they would continue to operate without their IT, (and rebuild that IT at pace), were an attack to get through,” said Richard Horne, chief executive of the NCSC.
What does nationally significant mean?
A nationally significant incident covers cyber-attacks in the top three of the six categories in the NCSC and UK law enforcement categorisation list of threats. The total number of hacks that the NCSC dealt with in the first nine months of this year was, at 429, up 25% on a pro rata basis. To make matters worse, there was also a notable increase in hacks with a bigger impact. The number of “nationally significant” incidents, at 204, was much higher than in 2024, when only 89 were in that category for the entire year.
However, the NCSC said that the most serious attack of the year, which was not widely reported for obvious reasons, was on a blood testing provider and caused major problems for London hospitals, not to mention a major loss of the personal information of thousands of patients. It also resulted in significant clinical disruption and directly contributed to at least one patient death and probably several more.
Who are the hackers?
The vast majority of attacks are financially motivated, with criminal gangs using ransomware or data extortion to blackmail a victim into paying a ransom, usually in Bitcoin. Whilst most cyber-crime gangs are headquartered in Russia or former Soviet countries, there has been a resurgence in teenage hacking gangs, mainly based in English-speaking countries.
So far this year seven teenagers have been arrested in the UK as part of investigations into major cyber-attacks, including the attack on nursery chain Kido’s. The BBC did not report on the breach until the hackers began posting images and profiles of the children on their darknet site on 25th September in what cyber experts described as a “new low” in cyber-crime.
What can business organisations do?
As well as the advice over heightened preparations and collaboration, the government is asking organisations to make better use of the free tools and services offered by the NCSC. For example, free cyber-insurance for small businesses that have completed the new Cyber-Essentials programme, known as the Free Online Cyber Security Course with Certificate, would be an excellent start.
Graeme Stewart, head of cyber-security firm Check Point, advised that “without robust security systems, any digital system can be rendered useless, once targeted by hackers.” He also commented that “You wouldn’t walk onto a building site without a helmet, yet companies still go online without basic protection” and added: “Cybersecurity needs to be treated with the same seriousness as health and safety: not optional, not an afterthought, but part of everyday working life.”
According to the latest advice by the NCSC, people should plan for potential cyber-attacks by going back to pen and paper if no other secure option is realistically available. The government has recently written to all chief executives in the country strongly recommending that they should have back-up physical copies of their data at the ready as a precaution.
The final piece of advice from the NCSC that I’ll share with you today arises from the fact that most data breaches are not the result of criminal whizzkids, but happen because someone in the targeted organisation has opened an email attachment without being certain of the source. So, unless you are absolutely certain that the email and its attachment are from a trustworthy source, don’t open it!
Has HMRC ever been hacked?
The quick answer is we don’t know, which at first glance is concerning, until you realise that, unless a demand for a ransom is made, any organisation may not know it has been hacked, especially if the hack was for information to assist the hackers in attacking a third party.
But returning to our wonderful tax office, a recent FOI (Freedom of Information Request) to the ONS revealed that some parts of our tax department were still operating on so-called ‘Legacy IT systems’ such as Windows XP, Windows Vista and some older browsers such as Internet Explorer 6 or 7.
Whilst I should have been surprised at this news, in truth it did not surprise me. An ONS spokesman admitted that because some of the systems still being used were so old, there was effectively no defence against hackers. The spokesman went on to say that the ONS did not have any evidence of a significant breach of HMRC’s systems but could not state with any certainty that it had not happened.
Accountant’s view
Leaving to one side HMRC’s appalling lack of security of taxpayers’ data, at our accountancy practice, no data is stored on any of our computers as it’s uploaded and accessed in real-time to our cloud storage provider. We also have additional security measures and back-up plans in place, which, for obvious reasons, I won’t go into in detail.
However, despite our extensive precautions, if our cloud storage provider were to be hacked, we would still struggle to restore all systems fully and at speed and would not know what data, if any, had been stolen unless we received a blackmail demand from a hacker. So, if this happens, we will be in the same ‘handcart-to-hell’ as the rest of you.
Back to pen and paper!