Stay Cyber Safe

We wanted to provide an update on recent cyber-attacks targeting major UK retail companies and reassure you about the measures we are taking to protect our organisation.

Several major UK retailers, including Marks & Spencer (M&S), The Co-operative Group (Co-op), and Harrods, have recently experienced significant cyber-attacks. These incidents have caused disruptions to their operations, including online services, in-store systems, and back-office functions. The National Cyber Security Centre (NCSC) has described these attacks as a "wake-up call" for the retail sector to strengthen cybersecurity.

We want to reassure you that as a Council we have not been affected by these recent attacks. However, these events highlight the significant cyber risks that exist for all organisations. We are taking proactive steps to ensure the security of our systems and data, including:

• Multi-Factor Authentication (MFA): All staff are required to use MFA, adding an extra layer of security to our systems.
• Enhanced monitoring: We actively monitor for suspicious activity and have joined the 24/7 Cymru Security Operations Centre (Cymru SOC) for advanced threat detection and response.
• High-Privilege Accounts: We closely monitor accounts with high-level access to detect any unusual activity.
• Helpdesk Verification: Our helpdesk verifies staff identities before resetting passwords, especially for those with higher access levels.
• Atypical Logins: We detect and monitor login attempts from unusual locations or devices to prevent unauthorised access.
• Threat Intelligence: We quickly respond to new threats using the latest security tools and intelligence from various sources.

Your role: We remind everyone of their responsibilities to exercise vigilance and report anything suspicious to our ICT Service Desk.

If you haven't already completed the Cyber and Data Protection e-learning modules on Thinqi, please do so immediately. This training is crucial in helping us maintain a secure environment for all.

We are committed to maintaining the highest standards of cybersecurity and will continue to work closely with our partners to stay ahead of potential threats. If you have any questions or would like to discuss further, please do not hesitate to reach out to ITSecurity@carmarthenshire.gov.uk

You can read more about IT security on our intranet pages.