Tag: Ransomeware

Categories
Cyber Security Cyber Security in Scotland Cybercrime

Almost 60% of Scottish Councils Hit by Cyber Attacks

An investigation by The Scotsman revelaed that almost 60 per cent of Scottish councils and more than half of Scotland’s health boards have been targeted by cyber criminals since 2014, a Scotsman investigation has revealed. Nine universities and numerous government bodies have also been hit during the last three years, the investigation found.

Some local authorities reported being bombarded with thousands of spam emails and receiving ransom demands to decrypt data.

Freedom of Information requests showed 19 of Scotland’s 32 councils experienced either attempted or successful attacks since 2014.

Ransomware attacks were reported by 14 local authorities, sometimes on multiple occasions.

Four councils refused to reveal any information, with two fearing doing so would leave them vulnerable to future attacks.

Of the incidents logged by 19 councils, only nine authorities reported any of them to police, although no data was stolen or lost.

The investigation revealed Scottish local authorities were subject to more than 50 notable incidents in the past three financial years with Aberdeen City Council one of the hardest hit (2014 and 2017, it suffered 12 successful cyber attacks, including six ransomware incidents, having its webpage defaced and recording more than 15 million attempts, including intrusion threats, spam, web risks and viruses, in the last eight months of 2016).

Other Statistics:

  • Highland Council targeted 953 times (including two partially-successful ransomware attacks)
  • East Lothian Council received more than 415,000 unsuccessful spam emails
  • Perth and Kinross Council reported blocking an average of 1.2 million spam emails every month
  • Falkirk, Glasgow City, North Ayrshire and Dumfries and Galloway councils refused to disclose any details
  • Dundee City Council was on the receiving end of three ransomware attacks
  • North Lanarkshire Council had two malware incidents in 2015 and three ransomware in 2016
  • Edinburgh City Council reported nine incidents, including malware preventing access to systems, a sustained denial of service (ddos) attack, and malware being installed and copied
  • 11 of Scotland’s health boards were affected by the WannaCry attack in May which affected the NHS network across the UK
  • NHS Fife logged 693 attempted malware attacks
  • NHS Lanarkshire reported 51 attempted or successful attacks and NHS Greater Glasgow
  • NHS Clyde was subject to four cyber breaches in 2016, where files became inaccessible after being encrypted by ransomware. In all cases, data was recovered and the ransom was not paid
  • NHS Tayside reported up to 7,000 attempts every month including ransomware
  • Dumfries and Galloway, Shetland and the Borders health boards said they had no attempted cyber attacks. No board reported losing data.

In the overwhelming majority of cases the breach affected limited areas of the public body’s network, with swift action taken to contain and repair systems and no patient data lost or compromised. The fact that a wide range of measures are taken to ensure basic security standards are met means that losses and fallout are mitigated.

A spokesman for local authority umbrella body Cosla said: “We fully recognise how important our cyber security is and we are doing everything we can to safeguard councils against such attacks.

Detective Inspector Eamonn Keane from Police Scotland’s cyber crime unit, added: “Cyber crime has witnessed significant growth. The cyber threat to Scotland is indicative of that local, national and international threat applicable to all regions in the UK. We always encourage anyone who thinks they’ve been a victim of cybercrime to come forward and report it to police.”

We at Cyber Security Helpdesk would always agree with this best practice advice. We would also suggest that following a Cyber Attack the appropriate personnel and partners are enlisted to (a) fight the attack, (b) repair systems, (c) ensure that business continues as normal.

Categories
Business Advice Cyber Security Tips & Tricks

Cyber crime Warning for SMEs

Small businesses are being urged to take steps to protect themselves from the threat of cybercrime after hackers targeted the NHS earlier this month, compromising its highly sensitive computer systems through a Ransomeware attack on 12 May 2017.

The “Wannacry” ransomeware attack was a worldwide cyberattack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency. Hackers were effectively threatening to delete files unless a ransom was paid.

Research from the Federation for Small Business (FSB) claims 7 million cybercrimes are committed against SMEs in the UK every year, equating to more than 19,000 a day.

FSB figures show the average cybercrime incident costs a small company £3,000 and takes 2.2 days to recover from.

Mike Cherry, FSB chairman, said:

“We are urging all small businesses to take steps to reduce the risk of an attack.

“Businesses should immediately check for updates to their operating systems and anti-malware software and download them where needed.

“We advise small firms to make sure their data is backed up – if the worst happens, data cannot then be held to ransom.”

What is ransomware?

Ransomware is a type of malicious software designed to block access to your computer system until an amount of money is paid.

It often arrives in the form or a phishing email, otherwise known as spam, or a fake software update.

Like other computer viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it.

Security experts warn that ransomware is the fastest growing form of computer virus, which threatens to delete your files unless you pay the blackmail.

Protecting your business

Small businesses are particularly vulnerable to cyber-attacks, but what can you do to protect your company from the growing threat of ransomware?

The National Cyber Security Council recommends your company takes the following steps:

  • do not open suspicious-looking email attachments or hyperlinks from unknown contacts
  • applying patches for Microsoft Windows will protect against ransomware
  • ensure antivirus products are up-to-date and scans your software regularly
  • use network segregation techniques to minimise the chance of compromise.

What to do if your computer is infected

If you believe your business has been compromised by ransomware, the National Crime Agency advises:

  • do not to pay the ransom as you don’t know the hackers will clear your system of the virus
  • back up your files regularly as this will be the only way to access your data
  • if you have been the victim of online fraud, report it at: www.actionfraud.police.uk

How Can Cyber Security Helpdesk Help You?

We are the UK’s number 1 National Multi-Disciplinary Cyber and Data Breach Incident Response Service; enabling UK Businesses to deal with Cyber breaches, properly and promptly.

SUPPORT – Our support teams work around the clock for our clients and are available 24/7/365.

SPEED – Our First Response team ensures every cyber incident receives a rapid service time without compromising quality.

CONFIDENTIALITY – Every enquiry is dealt with on a confidential basis by our professional team using secure technology.

EXPERT – IT, Data Protection, Legal, Communications experts adopt a meticulous and systematic approach to each incident.

OUR GOAL is your Business Continuity.

If you have suffered a Cyber or Data Breach, contact Cyber Security Helpdesk now.

[fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][fusion_button link=”https://www.cybersecurityhelpdesk.co.uk/contact/” color=”default” size=”” stretch=”” type=”” shape=”” target=”_blank” title=”CONTACT CYBER SECURITY HELPDESK NOW” gradient_colors=”|” gradient_hover_colors=”|” accent_color=”” accent_hover_color=”” bevel_color=”” border_width=”1px” icon=”” icon_divider=”yes” icon_position=”left” modal=”” animation_type=”0″ animation_direction=”down” animation_speed=”0.1″ animation_offset=”” alignment=”left” class=”” id=””]CONTACT US NOW[/fusion_button][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

Categories
Cyber Security

Ransomeware in Professional Practices

Lawyers and law firms have increasingly become targets of deadly Ransomware attacks.

The level of attention of this type of threat worldwide has risen dramatically.

When we use the term “attention”, we mean unwarranted attention because the problem is really simple to solve. And while normally there are no silver bullets for fixing information security problems, there is a silver bullet against Ransomware.

The simple answer to completely immunizing yourself and your firm from Ransomware infections is to have a great information backup process in place. If the information backup at your firm or your laptop is done in the right way, you never lose that information.

So even if you do get infected by Ransomware that encrypts your critical files and asks you to pay up if you want the decryption key, you can have the last laugh. All you’ll need to do in such an event is restore all your information from a clean backup. And it’s much better than paying the ransom because if you go that route there is always the risk of “remains” left behind from the Ransomware attack that might leave a door open for the attackers to come back for “another sip”.

We strongly recommend that you have an experienced cyber security expert perform an independent review of your firm’s backup processes so that you have the right process in place to completely kill the so-called “threat” of Ransomware attacks.

If you have any questions or need guidance or support in performing a Backup Process Review, feel free to get in touch to discuss cyber security recruitment, training and best practices for your business.

CONTACT US TODAY