More ransomware cases may come to light on Monday, possibly on “a significant scale”, the UK’s cyber-security agency has warned after a global cyber-attack.
The National Cyber Security Centre has advised firms how to protect computers as they start the working week.
It comes after Friday’s attack caused disruption in 150 countries. In the UK, NHS hospitals, pharmacies and GP surgeries were the worst-affected.
A handful of NHS trusts are still dealing with the problems it caused.
Is my computer at risk?
Analysis: How it started
In a statement, the National Cyber Security Centre said a ransomware attack of this type and on this scale could happen again although there is “no specific evidence” as yet.
It said it knew of attempts to attack organisations other than the NHS, and warned more cases could “come to light” in the UK and elsewhere as the new working week begins.
Ransomware attacks are “some of the most immediately damaging forms of cyber-attack”, it said, and advised companies to:
Keep your organisation’s security software patches up to date
Use proper anti-virus software services
Back up the data that matters to you, because you can’t be held to ransom for data you hold somewhere else
The NHS, Fedex and the main telecoms operator in Spain were among 200,000 known victims – organisations and private individuals – of Friday’s global cyber-attack.
The ransomware, which locked users’ files and demanded payment to allow access, spread to 150 countries, including Russia, the US and China.
In England, 47 trusts reported problems at hospitals, GP surgeries or pharmacies and 13 NHS organisations in Scotland were also affected.
Some hospitals were forced to cancel treatment and appointments and, unable to use computers, many doctors resorted to using pen and paper.
The cost of the attack is unknown, in the UK or beyond, but BBC analysis of three accounts linked to the ransom demands suggest hackers have already been paid the equivalent of £22,080.
Map of areas hit by the cyber attack
What can patients expect?
The Scottish government said the cyber-attack had been isolated and it expected that most NHS computers would be back to normal by Monday. NHS England has told patients to attend hospital if they have an appointment unless they are told not to.
However, several trusts in England have issued their own advice to patients. As of Sunday night they were:
St Bartholomew’s in London – IT disruption ongoing. Planned surgery and outpatient appointments will be reduced on Monday at the trust’s five hospitals – the Royal London, Newham, Whipps Cross, Mile End and St Bartholomew’s. Patients should attend booked appointments on Monday unless their hospital contacts them to say otherwise
East and North Hertfordshire Trust – Patients should assume their appointment is going ahead unless they hear otherwise. Neither Lister Hospital nor the New QE2 are doing non-urgent blood tests
James Paget University Hospitals Trust, Norfolk – All clinical and surgical appointments this weekend were cancelled. Patients with appointments on Monday and Tuesday are being advised to attend unless they hear from their hospital. A&E wait times are longer than usual
Southport and Ormskirk Hospital NHS Trust – Problems continuing with IT systems. Patients scheduled for surgery on Monday are being told not to attend unless they are contacted. All outpatient and endoscopy appointments for Monday are cancelled
Lincolnshire Hospitals NHS Trust – Outpatient appointments, diagnostic tests and routine operations are cancelled on Monday
York Teaching Hospitals NHS Trust – Services are “almost back to normal” albeit a little slower so patients can assume their appointments on Monday will go ahead
Wrightington, Wigan and Leigh – People are told to avoid A&E unless it is an emergency. The trust is working to restore its IT systems
What are the political parties saying?
The government is insisting that the NHS had been repeatedly warned about the cyber-threat to their IT systems.
Defence Secretary Michael Fallon said £50m of £1.9bn set aside for UK cyber-protection was being spent on NHS cyber systems to improve their security.
Media captionThe NHS has been given about £50m to improve its computer systems, Defence Secretary Michael Fallon says.
But Labour say the Conservatives have cut funding to the NHS’s IT budget and specifically a contract to protect computer systems was not renewed after 2015.
The Liberal Democrats and Labour have both demanded an inquiry into the cyber-attack.
In an interview on BBC One’s Andrew Marr show, Sir Michael said NHS trusts had been encouraged to “reduce their exposure to the weakest system, the Windows XP”, with fewer than 5% of trusts using it now.
“We want them to use modern systems that are better protected. We warned them, and they were warned again in the spring. They were warned again of the threats,” he added.
Shadow health secretary Jonathan Ashworth has written to Health Secretary Jeremy Hunt to ask why concerns repeatedly flagged up about the NHS’s “outdated, unsupported and vulnerable” machines had not been addressed.
On ITV’s Robert Peston, Mr Ashworth accused the government of having “cut the IT and infrastructure budget” by £1bn in the NHS, and said his party, if elected to power, would put £10bn into the infrastructure of the NHS.
He called for the Conservatives to publish the Department of Health’s risk register to see how seriously they were taking IT threats.
Scottish Justice Secretary Michael Matheson said more than 120 public bodies were being contacted to ensure their defences were adequate.
What are others saying?
Kingsley Manning, a former chairman of NHS Digital – which provides the health service’s IT systems – told the BBC on Saturday that several hundred thousand computers were still running on Windows XP.
And a neurology registrar from London, Dr Krishna Chinthapalli, wrote an article for the British Medical Journal just a week ago, warning that hospitals would “almost certainly be shut down by ransomware this year”.
He told the BBC the NHS was in a tricky position – treating sick patients, as a 24/7 operation with specialist software – making update implementation complicated.
“People developing ransomware know a hospital is a good target because the information is about patients and is time-sensitive – hospitals need to get their data back quicker,” he said.
Attacks on hospital data and patients were “despicable at the basic level”, he said.
Meanwhile, digital rights campaigners Open Rights Group has accused GCHQ of a “very dangerous strategy of hoarding knowledge of security problems”.
It said Britain’s electronic surveillance agency was “in charge of hacking us and protecting us from hackers”, making it hard to balance the risks of keeping vulnerabilities secret.
Jim Killock, the group’s executive director, said: “US and UK security agencies kept a widespread vulnerability secret rather than telling the companies so they could fix it.” He called for the National Cyber Security Centre to be made independent from GCHQ.
Source : BBC
Do you want to get certified in IT Security? Horizon Online offer a high range of professional online training courses that will provide you with industry recognized certification upon successful completion. Do you want to learn more on how we can help? Call us today on 020 3393 4405 or email firstname.lastname@example.org
All courses are online (e learning) and self-paced, meaning you do it in your own home, in your own time, at your own pace. Each lesson is pre-recorded allowing you to pause, fast-forward, skip sections, or go back to another lesson if you need to. The lessons are multi-media based, which means video and audio are used to teach the lessons. Most lessons are also interactive, prompting the learner to participate. This might involve answering on-screen questions, participating in tasks, and using simulators as if you were using the real software program. Our IT Security course include the following modules:
CompTIA Security+ SY0-401
Cisco CCNP Security 642-618 FIREWALL 2.0: Deploying Cisco ASA Firewall Solutions
Cisco CCNP Security 642-627 IPS 7.0: Implementing Cisco Intrusion Prevention System
Cisco CCNP Security 642-637 Securing Networks with Cisco Routers and Switches (SECURE) v1.0
Cisco CCNP Security 642-648 Deploying Cisco ASA VPN Solutions
(ISC)2 Certified Information Systems Security Professional (CISSP) 2015
ISACA Certified Information Systems Auditor (CISA)
It has never been a better time to get qualified in IT Secuirty, with cyber criminals on the horizon. Call Horizon Online on 020 3393 4405 or email email@example.com
Source : BBC