Any type of computer malware that threatens to delete your files unless you pay a ransom can be classified as ‘ransomware’. In most cases, this type of malware finds its way into your network or systems by exploiting a security hole in vulnerable software – or by tricking somebody into installing it.
Cyber criminals prey on unprotected IT systems, and they are finding more and more ways to attack data, online systems and services, often without victims realising until it’s too late. They extort money from victims by encrypting or stealing data and displaying an on-screen alert. The restoration of computer systems for the Irish HSE will likely take many weeks. It will also require a complete rebuild of its computer network, which could take several months, in addition to the extra cost anticipated for all the remediation activities. But the good news is that there are ways to prevent ransomware attacks from happening:
In May 2021, cyber criminals attacked a number of health organisations in Ireland in what is described as the ‘most significant cybercrime attack on the Irish State’. In the midst of a pandemic, the stakes are both high and consequential – the Irish Health Service must continue to respond to health emergencies and also ensure that the COVID-19 vaccination programme remains uninterrupted.
With the attack forcing the Irish Health Service Executive (HSE) and the Department of Health (DoH) to temporarily shut down their IT systems to protect themselves and to safeguard the sensitive data they hold, our experts from 8fold Governance and Leo CybSec assess the facts and offer some helpful guidance on what you can do to protect your organisation from ransomware attacks.
With IT systems shut down, hospitals made difficult decisions to cancel outpatient appointments and elective surgeries, and advised patients to expect long delays, further compounding the issues they were already facing as a result of the pandemic. The lack of access to urgent medical information to inform care and treatments has also undoubtedly increased the risk to patients who need care at this time, with further assessments about the risk to their private and confidential data still to be confirmed.
Cyber attacks which impact on personal data (such as healthcare records) are classed as data breaches under the General Data Protection Regulation (GDPR) and the UK’s Data Protection Act. The law seeks to incentivise organisations to take proactive actions to protect the ‘integrity and confidentiality’ of personal data, to reduce the likelihood of data breaches occurring, and to reduce the potential impact or severity of any data breach which might occur. The ‘security principle’ requires personal data to be:
‘Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures’
This means that you must have appropriate security in place to prevent the personal data you hold being accidentally or deliberately compromised.
Depending on the severity of any data breach, it may need to be reported to the relevant supervisory authority (in the UK, the ICO) and could lead to regulatory action in the form of fines, and potentially to compensation claims from affected individuals, which have seen a rise in recent years. Data breaches are also extremely damaging to an organisation’s reputation, which can prove to be even more costly.
This latest cyber attack on the Irish HSE is reminiscent of the WannaCry cyber attack which affected the UK’s NHS in May 2017. Amyas Morse, Head of the National Audit Office, said of that attack:
“The WannaCry cyber attack had potentially serious implications for the NHS and its ability to provide care to patients. It was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice. There are more sophisticated cyber threats out there than WannaCry so the Department and the NHS need to get their act together to ensure the NHS is better protected against future attacks.”
The National Cyber Security Centre (NCSC) have since developed the Cyber Essentials Scheme to help businesses get to grips with the fundamentals of good cyber security:
“Cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked. [The Cyber Essentials Scheme] is designed to prevent these attacks.”
8foldGovernance offers both Cyber Essentials and Cyber Essentials Plus services to assist organisations in taking the first steps on their cybersecurity journey and obtaining certification to give customers the assurance they need. For those seeking to work with the NHS in the UK, Cyber Essentials is increasingly becoming a requirement for suppliers and also forms the basis of the NHS Data Security and Protection Toolkit (DSPT) which has been a requirement of NHS suppliers for a number of years. DSPT compliance is another area in which 8foldGovernance can provide support.
Giannis Kostakis, Co-Founder at Leo CybSec, said: “With remote working being the new normal over the last year, cyberattacks have increased exponentially. Today, as the healthcare industry continues to offer life-critical services while working to improve treatment with new technologies, we have seen cyber criminals put more effort and focus on exploiting vulnerabilities in this sector. Every day we see more attacks of every kind, but the headline for 2020-2021 is ransom attacks, which were up 150% over the previous year.”
Whilst many people accept that protecting their systems and data is important, it’s one of those things that we often put off, thinking, ‘I’ll do it tomorrow’. But, you wouldn’t leave your car unlocked with all your valuables inside, so why do we do this every day with data in our IT systems? Cyber criminals seek out vulnerable victims and are ready to attack at any time. But, protecting yourself doesn’t have to be difficult. Our leading team of cyber security experts can support your business model and help you to build a strong cyber security strategy. We will:
For more information or advice on how you can protect yourself from cyber and ransomware attacks, please get in touch.