‘It will never happen to us.’
That, tragically, seems to be the cyber security approach of many public and private sector organisations. And, while the blame for the NHS blood scandal or the latest smishing frauds (both covered below) lies firmly with the criminals, individuals and organisations must take responsibility.
Because the difference between ‘it will never happen to us’ and ‘oh no, it’s just happened to us’ could be down to nothing more than a criminal’s gaze resting on your website or personal profile – and spotting an open door.
Secure your networks. Educate your people. Repeat.
Here’s the latest cyber security news.
The NHS blood sample attack. What was the impact? Who’s to blame? What can we learn?
Until recently, cyber attacks were associated mainly with financial and reputational damage. But Russian ransomware gang Qilin’s offensive on NHS blood-sample testing company Synnovis has shown the frightening real-world impact of these crimes. The attack has disrupted thousands of life-saving operations and GP appointments at two NHS trusts in London. Some of the most vulnerable people have been directly impacted, including a 14-year-old boy with cancer who had to have a crucial surgery postponed because the hack caused delays in blood supplies.
Qilin has now shared almost 400GB of private patient data on the dark net. It includes patient names, dates of birth, details of blood tests, NHS numbers as well as details of financial arrangements between Synnovis, NHS hospitals and GP services. There’s speculation that the data was leaked because Synnovis did not pay the ransom.
The former head of the National Cyber Security Centre Ciaran Martin has called it, ‘One of the most significant and harmful cyber attacks in the UK.’
Healthcare services are quickly becoming easy targets for cyber criminals. Just last month, we reported on America’s worst healthcare hack on the UnitedHealth Group, which caused similar disruptions in the US despite a $22 million ransom payment.
What’s troubling about the Synnovis NHS attack is that there have long been signs of poor cyber security on both the NHS’ and Synnovis’ sides. Synlab group, Synnovis’ parent company, has been hit three times in the last year alone. Meanwhile, Guy’s and St Thomas’ NHS Foundation Trust had been warned for years about its cyber security vulnerabilities.
Comprehensive supplier due diligence has never been more important.
Says Jake Ives, Intersys’ Head of Security, ‘This cyber attack highlights why implementing a zero-trust architecture and conducting thorough due diligence on your supply chain is important within an organisation. There are security products out there which can help ringfence access to sensitive data and systems, so that data stolen cannot be accessed easily. On the supply chain point, cyber attackers often go after the most vulnerable element, and if that element is a business within your supply network, it becomes their prime target. This is why it is important to conduct due diligence and threat intel on your supply chain’s IT estate and establish where you fit and where you could be at risk.’
It ‘mast’ be a scam: fraudsters use DIY telephone mast to blast out smishing scams
Cyber criminals are nothing if not ingenious and a recent story from London is a case in point.
London police have described a ‘first of its kind’ fraud in the UK where criminals fashioned a homemade, illegitimate telephone mast to blast out thousands of scam SMS or ‘smishing’ messages. The criminals posed as banks and other official organisations and tried to bait members of the public.
The reason for this DIY approach was that by using their own telephone mast, the fraudsters were able to evade mainstream mobile phone networks’ systems that block suspicious text messages.
Officers have made two arrests so far. The Dedicated Card and Payment Crime Unit (DCPCU), Ofcom, mobile service providers and the National Cyber Security Centre (NCSC) worked together to expose this scam.
You can protect yourself from SMS or smishing scams by following these tips from the City of London Police:
- To report any suspicious text messages to your phone provider for free, simply forward them to 7726. This will help your provider to track down the source of the text and stop or block the sender if they are malicious.
- If you have lost money or given out any financial information as a result of a phishing scam, contact your bank as soon as possible and report it to Action Fraud at actionfraud.police.uk or by calling 0300 123 2040. If you live in Scotland, call Police Scotland on 101.
Windows users: time to defenestrate that public WiFi habit?
Poor WiFi security is a common cause of cyber attacks. And, if you use Windows OS and are planning to use public WiFi while traveling for work, you might want to read this.
Microsoft has recently warned of a significant flaw in all supported versions of the Windows OS. CVE-2024-30078 comes with an 8.8 out of 10 severity rating. Criminals don’t need physical access to the victim’s computer, just to be physically near it. Once they’re in, they can run malicious code on the device to deploy even more malware or steal sensitive data.
It’s also worrying that attackers don’t need any authentication as a user to exploit this flaw, nor do they need access to settings or files on the victim’s machine. What’s more, the victim doesn’t need to click on any links or download any files to set the hack in motion.
Security researchers are warning that this type of attack could become popular in hotels, tradeshows, airports and other places where many endpoint devices are connected to WiFi networks.
The advice is to ensure you have the latest patches applied and, if you’re using end-of-life Windows, make sure you update to a supported version asap.
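For readers who want to check that advice on their own estate rather than take it on trust, here is an added PowerShell example (not from the original article or from Microsoft) that reports the OS build, the most recent cumulative update installed, the Wi-Fi adapter driver version and any saved Wi-Fi profiles set to auto-connect. The cut-off date `$PatchedOnOrAfter` is a placeholder assumption: replace it with the release date of the update that fixes CVE-2024-30078 for your Windows version, which the article does not list.

```powershell
# Added example: patch-status and public-Wi-Fi exposure check for Windows endpoints.
# Run in an elevated PowerShell session. Nothing here changes the machine; it only reports.

# PLACEHOLDER ASSUMPTION: set this to the release date of the update that addresses
# CVE-2024-30078 for your Windows version (check the Microsoft Security Update Guide).
$PatchedOnOrAfter = [datetime]'2024-06-11'

# 1. OS identity: marketing version plus the full build, including the update build revision (UBR).
$ver = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$build = "{0}.{1}" -f $ver.CurrentBuild, $ver.UBR
Write-Host ("Windows {0} ({1}) build {2}" -f $ver.ProductName, $ver.DisplayVersion, $build)

# 2. Most recent update actually installed, and whether it post-dates the assumed fix date.
$latest = Get-HotFix |
    Where-Object { $_.InstalledOn } |
    Sort-Object InstalledOn -Descending |
    Select-Object -First 1
if ($latest) {
    $state = if ($latest.InstalledOn -ge $PatchedOnOrAfter) { 'OK' } else { 'NEEDS PATCHING' }
    Write-Host ("Latest update: {0} installed {1:yyyy-MM-dd} -> {2}" -f $latest.HotFixID, $latest.InstalledOn, $state)
} else {
    Write-Host 'No installed updates reported by Get-HotFix -> NEEDS PATCHING'
}

# 3. Wi-Fi adapter driver details, useful when raising a ticket with the device vendor.
Get-NetAdapter -Physical |
    Where-Object { $_.PhysicalMediaType -eq 'Native 802.11' } |
    ForEach-Object {
        Write-Host ("Wi-Fi adapter: {0} | driver {1} dated {2}" -f $_.InterfaceDescription, $_.DriverVersion, $_.DriverDate)
    }

# 4. Saved Wi-Fi profiles that reconnect automatically. Any of these on a public SSID
#    means the laptop will join that network again without the user noticing.
$profiles = (netsh wlan show profiles) |
    Select-String 'All User Profile\s*:\s*(.+)$' |
    ForEach-Object { $_.Matches[0].Groups[1].Value.Trim() }

foreach ($p in $profiles) {
    $detail = netsh wlan show profile name="$p"
    if ($detail -match 'Connection mode\s*:\s*Connect automatically') {
        Write-Host ("Auto-connect Wi-Fi profile: {0}" -f $p)
    }
}
```

The auto-connect list is the part to act on before travel: a profile for a hotel or airport network that reconnects silently is exactly the exposure the article describes, and `netsh wlan set profileparameter name="<profile>" connectionmode=manual` switches it to manual without deleting it.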
Other vulnerabilities
Bypassing Veeam Authentication