Alleged reports of cyber attack against NHS England
The BBC has just reported: “NHS services across England have been hit by IT failure, believed to be caused by a large-scale cyber attack.
Trusts and hospitals in London, Blackburn, Nottingham, Cumbria and Hertfordshire have been affected.
GPs are resorting to using pen and paper, according to newspaper the Blackpool Gazette, and phone and IT systems have been shut down.
NHS England says they are aware of the issue and are looking into it”.
“[It] is asking people not to come to A&E at the Lister Hospital in Stevenage”
Other sources on Twitter have said: “Ransomware that hit #Telefónica and NHS pointing to same Bitcoin address and already receiving payments”
The East and North Hertfordshire NHS trust has shut down IT systems and telephone lines and asked people in the area not to go to A&E unless it’s life-threatening.
How Does Ransomware Work?
Ransomware is a malicious program that makes your PC files completely inaccessible by encrypting them. The encryption uses 2048-bit RSA keys; in short, decryption is going to be near-impossible if you don’t have the private key.
There will be a prompt on your screen warning you that the only way to get the private key to decrypt your files is to pay a “ransom” to the cybercriminals within a specified amount of time. The ransom is usually in Bitcoins and can cost thousands.
If your computer system gets infected by this type of ransomware, it’s recommended to disconnect from the internet at once, then shut down your computer. If you have a good backup that is outside your infected machine’s local network, you can easily recover from such an attack, but the downtime could be lengthy depending on how long the restore takes.
More details to follow as updates are published…
So what is a Cyber Attack?
Cyber attacks have become a harsh reality for all businesses, no matter the size. In fact, small businesses account for 70% of the victims of cyber attacks, mostly due to insufficient awareness and resources to protect themselves. Understanding the existing risks and developing a strategy to cope with them is crucial for maintaining a secure work environment in any company. Here are five of the most common types of cyber attack and what you can do to protect yourself against them:
1. Distributed Denial of Service (DDoS) attacks
A DDoS attack floods a server with incoming traffic, usually using multiple infected devices. The overloaded server shuts down, making the website inaccessible to visitors. Since the traffic usually comes from multiple sources, a DDoS attack cannot be stopped just by blocking a particular IP address. The best way to protect against DDoS attacks is to use a DDoS mitigation service, which can filter malicious traffic.
2. Man in the middle (MitM) attack
A MitM attack involves the attacker eavesdropping on a communication between two parties. MitM attacks are most successful when the attacker can impersonate both parties and thus gather the information that is exchanged between them. A good way to prevent MitM attacks is to use only encrypted wireless access points, and to connect only to websites that use an HTTPS connection, which relies on certificates that verify the identity of the servers you are connecting to.
3. Password attacks
A password attack involves a third party trying to get into the system by gaining access to the users’ passwords. Several methods can be used to obtain passwords, including brute force attacks, in which automated software is used to generate a large number of guesses. It is estimated that a brute force cracking program can guess a lower case password within a couple of minutes. Having strong passwords which contain both uppercase and lowercase characters, and not using the same password for different websites is the best protection against this type of attack.
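The effect of mixing upper and lower case, and the exposure created by reusing a password, can be checked with a short audit script. This is an added example, not part of the original article; the guess rate of one billion per second and the sample sites and passwords are assumptions constructed for illustration.

```python
import string
from collections import defaultdict

# Assumption: guess rate of an offline cracking rig (the article gives no figure).
ASSUMED_GUESSES_PER_SECOND = 1_000_000_000

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def alphabet_size(password):
    """Size of the smallest character set an exhaustive search must cover."""
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    # Characters outside the four classes each count once (a lower bound).
    size += len({c for c in password if not any(c in cls for cls in CLASSES)})
    return size

def search_space(password):
    """Candidates tried when every length up to len(password) is exhausted."""
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))

def worst_case_seconds(password, rate=ASSUMED_GUESSES_PER_SECOND):
    return search_space(password) / rate

def audit(credentials):
    """Map each site to its findings: 'reused' and/or 'lowercase-only'."""
    sites_by_password = defaultdict(list)
    for site, password in credentials.items():
        sites_by_password[password].append(site)
    report = {}
    for site, password in credentials.items():
        findings = []
        if len(sites_by_password[password]) > 1:
            findings.append("reused")
        if password and all(c in string.ascii_lowercase for c in password):
            findings.append("lowercase-only")
        report[site] = findings
    return report

# Constructed sample data: hypothetical sites and passwords.
SAMPLE = {"mail.example": "sunshine", "shop.example": "sunshine",
          "bank.example": "SunShine"}

if __name__ == "__main__":
    for site, findings in audit(SAMPLE).items():
        hours = worst_case_seconds(SAMPLE[site]) / 3600
        print(f"{site}: {findings or 'ok'}, worst case {hours:.2f} h")
```

Under the assumed rate, the eight-letter lowercase password is exhausted in under four minutes, while the mixed-case password of the same length takes roughly 15 hours.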
4. Malware
Malware is any type of malicious code (such as viruses, Trojans, and worms) that can disrupt a system or steal data from it. The most common ways malware spreads are through infected links sent in emails, by visiting untrusted websites, or through removable media such as USB sticks. The most efficient way to avoid malware is to install antivirus software, antispyware and a firewall across your whole network, update them regularly, and never click on links sent by unknown parties.
5. Social engineering attacks
Social engineering attacks rely on manipulating people to reveal sensitive information or download malicious software. Common types of social engineering attacks are baiting (leaving an infected device, often with a name that might elicit curiosity, in a place where it is likely to be found by someone and then plugged into a computer) and phishing (sending an email that seems to be from a legitimate source, with the purpose of tricking the recipient into disclosing private information). The way to prevent social engineering attacks is to educate vulnerable users against them.
As the rates of cybercrime escalate and companies of all sizes are at risk, understanding the potential dangers is crucial for the existence of any enterprise. Investing in good antivirus software, keeping your operating system up to date, monitoring traffic, using only encrypted wireless points and employing a DDoS mitigation service are all crucial steps in preventing a cyber attack on your company. Lastly, educating people about potential risks is an efficient and often underestimated way of maintaining a safe work environment.