Welcome to the 'almost Easter' edition of the Cyber Intelligence Report! Here we'll be taking a look at how Emotet and Trickbot malware were used to spread ransomware, details of an ongoing proactive operation involving South West organisations, and we're holding our first ever South West CiSP meet up. Finally, as always, we share some more general online resources from social media and highlights from the Cyber Information Sharing Partnership (CiSP).

We'd also be remiss not to mention that cyber attacks often occur over holiday periods to maximise the impact, so be extra careful and stay vigilant!


Current Operation

  • Attention: We're currently working with businesses throughout the South West who may have suffered from a form of ransomware due to having vulnerabilities with their Remote Desktop Protocols (RDP).
  • We are actively contacting businesses as part of this operation. If you do receive a call, you can verify our identity by then calling the non-emergency police number 101, and quoting a collar number which we will supply to you for them to put you through.
  • The RDP Protocol is designed to provide remote access through port 3389. Please consider the below points in relation to RDP:
  • Please ensure that you have strong usernames and passwords, and that your staff are aware of why this is important.
  • Implementing Two-Factor Authentication (especially for Office365) is also strongly recommended.
  • Be aware of who actually has access to RDP within your organisation, and always be suspicious of any spurious activity regarding RDP.

Remember, if you or your organisation have been a victim of this or any other type of cyber crime, report to Action Fraud, the UK's national cyber crime reporting centre at via phone on 0300 123 2040

By using this website you agree to our use of cookies to enhance your experience. I understand

Windows 7 EOL

On January 14th 2020 Windows 7 and Windows Server 2008 (inc.variants) reached End of Life and will no longer have release updates or security patches provided by Microsoft.

These systems will still work after this date, but your business may be exposed to emerging threats of new viruses and malicious attacks.

Please don’t hesitate to contact either Julie or Darryn on 01460271055 to discuss your concerns.