London’s National Gallery Hit With 2 Million Attacks

Uploaded on 2020-03-30 in NEWS-Cybersecurity News, FREE TO VIEW

The National Gallery, one of London’s most popular art museums based in Trafalgar Square was hit with a staggering 1,875,250 email cyber-attacks last year. The gallery, which attracts over five million visitors every year, was hit by an astonishing total of 1,875,250 email cyber-attacks in 2019. These came in a variety of forms, including spam and virus attempts.

This is according to official figures obtained by Absolute Software, the cyber security specialists and leader in endpoint resilience. Absolute Software obtained the information via a Freedom of Information request. The figures displayed the lengths cyber-criminals went to try and steal the personal and financial data of members of the major tourist attraction.

 “It’s clear that cyber-criminals are mastering the art of malicious email attacks, designed to infiltrate the National Gallery and steal confidential data.... With millions of visitors every year and tens of thousands of members, it’s vital that London’s leading tourist hotspots have the right systems in place to protect devices from infiltration.” said Andy Harcup of  Absolute Software, 

The National Gallery, which is a non-departmental public body of the Department for Digital, Culture, Media and Sport, prevented a wide range of sophisticated attacks from reaching their destination. The gallery's online security team successfuly blocked email addresses software was able to quarantine 1,176,656 different attack attempts, while its detection software blocked 18,378 spam emails and 443,741 attempted connection emails. 

A further 179,844 emails were stopped under the category of anti-spoofing lockout and 10,959 were registered as manual envelope rejection. Another 2810 emails were blocked under the category of Simple Mail Transfer Protocol (SMTP).
“With many major museums now closed due to the COVID-19 outbreak, it’s critical that enterprises have full visibility of the assets allocated to remote workers as well as always having control of those assets in case of the need to take action,” added Harcup.

The National Portrait Gallery, another one of London’s most prestigious art galleries, was targeted by 347,602 emails containing spam, phishing and malware attacks in the final quarter of 2019, according to official figures and this data underlines the threat posed to the capital’s museums by malicious hackers who are intent on stealing membership data from tourist hotspots.

Of the 347,602 blocked email attacks, 56 per cent (194,620) were identified as Directory Harvest Attacks (DHA).
A DHA is an attempt to determine the valid e-mail addresses of employees or individuals associated with an organisation’s server so that they can be added to a spam database. Additionally, 61,710 emails were blocked as the sender belonged to a ‘threat intelligence blacklist’.

In 2017, London art dealers were defrauded out of hundreds of thousands of pounds after hackers successfully breached company email accounts to monitor correspondence between clients.  The incident resulted in fresh cyber security guidance being issued by the Society of London Art Dealers, as well as tips for avoiding email fraud.

CloudPro:         Infosecurity-Magazine:       The Commentator:       The Commentator:

You Might Also Read: 

Cyber Crime Is An Increasing Risk For Charities:

 

« Hackers Are Exploiting Remote Workers
AI Is Closing The Cyber Skills Gap »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MarQuest

MarQuest

MarQuest provides services and systems to enhance network reliability and security.

Qualys

Qualys

Qualys is a pioneer and leading provider of cloud security and compliance solutions.

INSUREtrust

INSUREtrust

INSUREtrust is a pioneer in the industry, inventing the concept of cyber insurance.

OneWelcome

OneWelcome

Onegini and iWelcome have merged to become OneWelcome, the largest European Identity Access Management Saas Vendor.

Dreamlab Technologies

Dreamlab Technologies

Dreamlab specialises in securing critical IT infrastructures. We offer qualitative support and advice for managing your infrastructure and cyber security needs.

NextVision

NextVision

NextVision is a Cybersecurity and Technology company offering a range of solutions and services for Security, Compliance and IT Infrastructure Management.

Wise-Mon

Wise-Mon

Wise-Mon is expert in its field of network monitoring and control. We give solutions to huge organizations with tens of thousands of ports, as well as small companies with one switch.

LSoft Technologies

LSoft Technologies

LSoft Technologies is a leader in data recovery software technologies.

Early Birds

Early Birds

Early Birds is a Business to Business (B2B) marketplace for Innovators (Startups/Scaleups) and Early Adopters to exchange value early on.

Cyber Polygon

Cyber Polygon

Cyber Polygon is an annual online exercise which connects various global organisations to train their competencies and exchange best practices.

Terralogic

Terralogic

Terralogic is a software and IT services company, an expert in IoT, Cloud, DevOps, App development and Cybersecurity.

Mainstream Technologies

Mainstream Technologies

Mainstream Technologies is an information technology services firm specializing in custom software development, managed IT services, cybersecurity services and hosting.

Clearvision

Clearvision

As an Atlassian Platinum Solution Partner, Clearvision works with teams in the UK and US, providing solutions for the Atlassian stack, Git and open source tooling.

SpireTec Solutions

SpireTec Solutions

SpireTec Solutions is an IT management training company offering 1500+ courses with state of art training facilities backed by a team of industry experts in various domains including cybersecurity.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

CloudDefense.AI

CloudDefense.AI

CloudDefense.AI is an industry-leading multi-layered Cloud Native Application and Protection Platform (CNAPP) that safeguards your cloud infrastructure and cloud-native apps,