Cybercrime: Large organisations targeted but smaller, expanding and mid-sized firms cannot be complacent
At the beginning of August in the blog ‘Ransomware update: Threat only increasing with extortion hitting $1 billion in 2016’, we highlighted the growing threat of this type of cyber-criminal activity.
In the article we noted how the nature of the threat was changing. A scatter-gun approach, designed to extort small amounts from lots of businesses was giving way to a more targeted approach. This methodology identifies specific large organisations that are unlikely to tolerate security breaches which may result in systems being taken offline because of mission critical dependencies. We discussed how the healthcare industry fitted with this profile.
On 10 October 2016 the i newspaper ran a feature article that revealed the scale of the problem in the UK. The story ‘Dozens of NHS hospitals targeted by cyber blackmailers’ showed how, amongst the many other challenges it faces, the NHS is under increasing attack from cyber blackmailers attempting to extort cash from hospitals using ransomware.
State sponsored cyber warfare?
However, there is far more than just ransomware blackmail to be considered here. The i news article also emphasised that there was growing concern about antiquated, legacy IT systems, which may be leaving NHS patient records vulnerable to exploitation by criminals.
However, despite these fears, NHS Digital, which oversees cybersecurity for trusts said no ransom was paid in the ransomware incidents reported to it, and that no data was lost or patient records affected. NHS Digital also disclosed that there was an attempt to breach an NHS national system with ransomware, and voiced the rather sinister suspicion that it was part of a state sponsored assault on multiple organisations…
The i news has established that approximately 30 NHS trusts in England have been attacked by ransomware in the last year. In at least four cases, these were considered serious enough to warrant them being reported as potential breaches of data protection or confidentiality laws.
On projections based on Q1/2016 data, the FBI believed the global ransomware ‘take’ for the year could be up to $1bn. The i news article gave us an insight into what the UK’s contribution to this might be: £300m was the estimate.
As well as LA’s such as Lincolnshire County Council, which was hit in a much publicised attack in January, one study uncovered that at least 23 universities were targeted last year, receiving demands of up to £2,200.
Don’t be complacent – get help to defend a ransomware from Paralogic
Despite the attack of larger organisations by the cyber criminals, smaller, expanding and mid-sized business cannot afford to become complacent. The threat is real and growing and it is not going to go away anytime soon.
To find out more about how we can help you to improve IT security and defend the ransomware threat, simply get in touch today.
Do you want some free, Strategic IT support?
Get started with a free one hour IT consultation. Discover the latest technology and discuss your current and future IT requirements.Talk to us ›