Cyber Inside Out: SECRC Regional Threat Update Webinar

In the last 12 months, businesses in the South East continued to experience cyber attacks with 340 cybercrime incidents reported to Action Fraud alone, although we know that this is only the tip of the iceberg as many crimes go unreported.


Join Justin Torgout, Director for the SECRC as he is joined by Chris White Detective Inspector for the SECRC, Nick Harris, Associate Director Information Security and Cyber Resilience at Oxford Nanopore Technologies and Kieran Fowler, Senior Information Security Consultant for W@terstons for our first ever Cyber Inside Out webinar.


Together, they breakdown the picture of cyber crime in the #SouthEast over the last year and give guidance on how businesses can develop their cyber security, to avoid similar attacks happening.


Since January 2020, the total reported losses to businesses are in excess of £500,000, on average the annual cost for businesses that lost data or assets after breaches was £8,460.


With cybercrime continuing to be massively underreported across the region, it’s likely that the real figure is much higher and many of the ones that were reported did not include details of financial losses and did not account for the potential lost business, IT resourcing to deal with incidents and the costs of recovery.


The COVID-19 pandemic significantly increased the amount of time we have all been spending online, so unsurprisingly there were peaks in cybercrime activity during April and May which coincides with the first COVID-19 lockdown.


Worryingly, between January and March 2021, cybercrime offences committed against businesses increased in several of the higher-harm offence categories (Ransomware, DDOS and Data Breaches). The key industries impacted by the more severe cyber incidents were the arts, entertainment and recreational industries.


These offences involved cyber criminals obtaining money or data through the likes or ransomware or by gaining access to business systems through confidential information exposed in data breaches.



Ransomware remains the primary disruptive threat to organisations in the South East region. Over the previous financial year there were a total of 46 ransomware incidents reported.


Darkside ransomware has been the most common ransomware variant detected in the previous quarter with three reported incidents. This type of ransomware works as a double ransom, with one payment to unencrypt data and a second payment required to prevent breached data being publicly released.


The group behind DarkSide ransomware also exert pressure on businesses to pay ransoms by distributing press releases and naming companies that have been compromised and are slow to meet their ransom demands.


Businesses were also faced with high levels of attacks where the organisation’s email or social media accounts were compromised.


Another threat trend in the previous quarter has been WhatsApp account takeovers targeting business accounts. Offenders are exploiting how WhatsApp uses two-factor authentication.


How do cyber criminals exploit WhatsApp?

If you add a new device to a WhatsApp account, it requires a code that is sent to the WhatsApp account associated with the original phone number. However, it is becoming apparent that offenders are commonly using social engineering methods to obtain this code and add their own device.

To help businesses outsmart cyber criminals and toughen up their cyber security, the South East Cyber Resilience Centre (SECRC), has been established to provide businesses and organisations, with an affordable way to access cyber security services and consultancy to help improve cyber resilience.


The SECRC offers a range a membership options depending on what level of support businesses in Hampshire, Surrey, Sussex, Oxfordshire, Berkshire and Buckinghamshire need.


Businesses in the South East can sign up for free Core Membership online and receive a welcome pack full of practical resources and tools that will help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection. Through your membership, you will also get regular updates on new threats, designed to help you stay safer.


Find out more via the membership page.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the South East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South East is not responsible for the content of external internet sites that link to this site or which are linked from it.