Water regulator Ofwat flooded with over 20,000 malicious emails this year
The Water Services Regulation Authority, known as Ofwat, which regulates the private water and sewerage industry in England and Wales, has been flooded with a total of 21,486 malicious emails so far in 2021, according to official figures.
The data, obtained under the Freedom of Information (FOI) Act and analysed by the Parliament Street think tank, comes following warnings from the National Cyber Security Centre (NCSC) that smart cities could be at risk of a devastating cyber attack, arguing that sensitive utility and transport data also needs to be secured from being stolen in large volumes.
Ofwat has only 266 employees, which suggests that the corporate email addresses are regularly bombarded with spam and phishing emails, which if successful, could cause major problems for data protection as well as productivity.
In total, 5,149 emails were marked as phishing, which tricks users and staff members into believing that the message is a legitimate request — such as an email from their bank, for instance, or a note from someone in their company — and to click a link or download an attachment.
Spam emails, came in more frequently, with 16,337 emails reported as spam which could contain malware, which is software intentionally designed to cause damage to a computer, server, client, or computer network.
The highest month for spam emails was March 2021, where a total of 4,769 were flagged. The second highest was February 2021, with 4,116 spam emails flowing into recipients’ inboxes.
With phishing emails, March 2021 was the highest month, totalling 1,600, followed by February 2021 with 1,392 phishing attacks hitting the organisation.
All the 21,486 malicious emails were reported as being successfully blocked by the Ofwat.
Cyber security expert Chris Ross, SVP International, Barracuda Networks comments:
“Over the course of the pandemic, we’ve seen a huge rise in the volume and sophistication of malicious phishing emails designed to trick employees into handing over confidential data. These figures are another reminder of the risks these scams pose to critical national infrastructure, such as vital utilities and transport, with hackers seeking to disrupt services, steal personal financial data as well as holding organisations to ransom.
Tackling this threat requires a concerted effort, both in terms of delivering the necessary cyber awareness training so that staff think twice before handing out critical information and having the right email protection systems in place to identify and quarantine suspicious emails before they reach the inbox of users. Additionally, organisations should ensure they have the necessary backup and recovery systems in place, to mitigate against loss or theft of data in the event of a successful ransomware attack.”
About the Parliament Street think tank
Founded in 2012, the Parliament Street think tank is one of the UK’s leading research organisations, producing insights and policy papers on evolving threats such as cyber attacks.
More in Tech, IT & Comms
Storm Internet confirmed as B4’s Official Managed Web Hosting Partner
B4 announce their ‘Official Managed Web Hosting’ Partner – a multi award-winning organisation and long-standing B4 Member – Storm Internet. The partnership will see Storm Internet hosting B4’s website and becoming one of the Oxfordshire Business Summit sponsors.
The Ultimate Guide to Office Relocation – 9 -The Move Day...
The Move Day & Post-Move Actions Moving office is disruptive, so you need to be doing everything you can to mitigate relocation mistakes. Above all, allocate plenty of time for the move and don’t be too ambitious with what can be achieved in a day or two! If you have followed the guidance from our […]
The Ultimate Guide to Office Relocation – 8 – IT Specific...
IT-specific Considerations for an Office Move Let us present a list of things that we at Flex IT are regularly asked by clients who are moving offices. In some cases, advice is sought, in others, we are assigned responsibility for managing the IT side of relocation. Firstly, it’s very important to give your IT team […]
From this author
COP26 Response from Anthony Baker, Founder of Satellite Vu
A big story has just come out of COP26, and reported by the BBC, that UK firms will soon be forced to show how they will hit net zero.
Over one third of online shoppers will only associate with responsible...
More than one third (35 per cent) of online shoppers in the UK will only associate with ‘responsible’ brands – including those that treat staff fairly, source goods ethically, and do not misuse consumer data.
HMRC-branded phishing scams surge 87% in a single year
Total reports of suspected email, SMS, and phone attacks jump from 572,029 to 1,069,522 during the Covid-19 pandemic