Tag: Philip Hammond
The NHS's Northern Lincolnshire and Goole Foundation Trust is back up and running after a four-day ordeal.
A UK hospital is back online several days after a virus crippled its network.
Following an infection on Sunday, the National Health Service's Northern Lincolnshire and Goole (NLG) Foundation Trust temporarily shuttered a majority of its systems to "isolate and destroy" the bug.
As of Thursday, things are back up and running, and the facility is accepting patients.
"We have stood down from a major incident this morning as our key clinical systems are now operational," Karen Dunderdale, deputy chief executive of the NHS NLG Foundation Trust, said in a statement.
"There continues to be a small number of linkages which enable our systems to talk to each [other] which remain inconsistent," she added. "We are continuing to work with our third-party suppliers to restore these as soon as possible."
The NHS has not revealed additional details about the virus, but security researcher Brian Krebs suggests an infection of ransomware—a malware strain used recently to target hospitals and healthcare facilities.
Earlier this year, Hollywood Presbyterian Hospital in California paid attackers 40 bitcoins (approximately $17,000 at the time) to free its systems from ransomware.
A month later, Methodist Hospital in Kentucky became the target of an attack; hackers demanded four bitcoins ($2,927 at today's exchange rate) for a key to unlock the encrypted files.
And these aren't just one-off cases: Intel Security recently reported more than 20 ransomware-related data loss incidents per day in the healthcare sector.
In the first quarter of this year, hospital attacks generated about $100,000 in ransom payments.
Ironically, the NLG Foundation Trust was hit two days after UK Chancellor Philip Hammond unveiled a national cybersecurity strategy, emphasizing the responsibility of company executives to ensure their organizations are secure.
"I would like to take this opportunity to apologize to everyone who has had their appointment cancelled this week," Dunderdale said in a statement, promising to reschedule folks "as soon as possible."
In many cases, these infections are due to human error, from people plugging in unknown USB drives that infect systems to phishing emails that dupe employees.
The alternative, Hammond warned, was armed war. Also new, Hammond announced, was a sharper focus on cyber security tactics and strategy to protect the nation’s critical national infrastructure and business. In October defence secretary Sir Michael Fallon said Britain had used cyber warfare against ISIS as part of the bid to retake the Iraqi city of Mosul.
“We will deter those who seek to steal from us, or harm our interests,” Hammond told Microsoft’s Future Decoded conference in London on Tuesday. “We will strengthen law enforcement to raise cost and reduce rewards,” he said of criminal attackers.
He promised the UK would “continue to invest in cyber defense capabilities - the ability to trace and retaliate in kind is likely to be the best deterrent.
“If we don’t have the ability to respond in cyberspace to attack that takes down power networks or air traffic control systems we would be left with the impossible choice of turning the other cheek or resorting to a military response - that’s a choice we don’t want to face.”
“No doubt the precursor to any state-on-state conflict would be a campaign of escalating cyber attack. We will not only defend ourselves in cyberspace but will strike back in kind when attacked.”
Moments before, Hammond, who chairs the Cabinet’s cross-department cyber-security committee, had listed high-profile cyber attacks against other nations’ critical infrastructure. He didn’t name those responsible, but many attendees inferred the attacks were sponsored by Russia. He referenced the April 2015 takedown of French TV network TV5, initially blamed on ISIS but subsequently attributed to a group of hackers with links to the Kremlin.
A power blackout in the Ukraine following an attack on power utilities has also been blamed on Russia-based hackers. Moscow has backed separatists in the former Soviet republic seeking the reunification of the USSR. Hammond asked that suggestions as to who might be behind those attacks should be written on a postcard and posted to No. 11.
Under the new cyber strategy, Hammond pledged a five-year plan to “work to reduce the impact of cyber attacks and to drive up security standards across public and private sectors.” This would involve ensuring government networks are secure and would see the UK government “taking a more active cyber defence approach” using tactics such as automatic protection to secure UK users “by default”. He pointed to the recent rollout of software to cut to zero an estimated 50,000 fraudulent emails a day from hackers purporting to be from HMRC offering tax refunds in order to obtain people's bank details.
Hammond promised “increased investment” in the “next generation” of students and experts and talked up the formation of a virtual link-up between universities to secure laptops, tablets and smartphones.
The Chancellor also laid responsibility for greater security at the feet of Britain’s chief executives. Having name-checked TV5 and the Ukraine, he referenced last year’s TalkTalk attack - which is almost certainly not the work of a nation state. Altogether five suspects, all based in the UK, have so far been arrested in connection with the 2015 hack. That breach saw details of 156,959 customers sprung, with TalkTalk fined a record £400,000 by the Information Commissioner.
“CEOs and boards must recognise they have responsibility to manage cybersecurity,” Hammond said. “Similarly, technology companies must take responsibility for incorporating the best possible security measures into the technology of their products. Getting this right will be crucial to keeping Britain at the forefront of digital security technology.”
The chancellor said: "Our new strategy, underpinned by £1.9 billion of support over five years and excellent partnerships with industry and academia, will allow us to take even greater steps to defend ourselves in cyberspace and to strike back when we are attacked."
If your toes aren't already curled enough, perhaps paymaster general Ben Gummer can help. He said: "No longer the stuff of spy thrillers and action movies, cyber-attacks are a reality and they are happening now. Our adversaries are varied—organised criminal groups, 'hactivists,' untrained teenagers, and foreign states."
Readers of these pages know that there is nothing new about baddies misbehaving on the Web. But since the TalkTalk hack attack in October 2015, such crimes have finally gone mainstream.
The treasury added that Whitehall's hefty investment would be three-pronged. It said a "world-class cyber workforce" would be developed, added that the UK would "use automated defences to safeguard citizens and businesses against growing cyber threats," and said that deterrent plans would be put in place propped up by better policing capabilities.
Number 11 said it would work closely with industry partners such as Bath-based Netcraft—an outfit that specialises in Internet security services and counts clients that include Microsoft, BT, Cisco, and Intel.
Hammond is also expected to announce plans to invest in the next generation of infosec experts with a new Cyber Security Research Institute, which we're told is a "virtual collection of UK universities" that will be tasked with beefing up smart phone, tablet, and laptop security "through research that could one day make passwords obsolete."
The GCHQ-backed National Cyber Security Centre opened its doors for the first time last month. By early 2017, the government has promised that the cyberhub will have a 700-strong team running the show.
However, the government's so-called National Cyber Security Strategy isn't entirely welcomed by industry. ISPs recently expressed concern about regulatory meddling, arguing that the focus should be on raising awareness, rather than burdening telcos with yet more rules.
As part of its cyber defence plan, Hammond's department said that the industry would be expected to adopt "a range of technical measures" including DNS filtering against malware and phishing sites, an e-mail verification system on government networks to try to prevent domain spoofing, and researching methods to move "safely beyond passwords." It hopes to also bring in a scheme to detect government network attacks.
The chancellor claimed that the government had already improved its efforts against "a website serving Web-inject malware." We're told that it previously "would stay active for over a month—now it is less than two days. UK-based phishing sites would remain active for a day—now it is less than an hour. And phishing sites impersonating government’s own departments would have stayed active for two days—now it is less than five hours."
NHS trusts have, for years, been particularly susceptible to such attacks. Indeed, the Northern Lincolnshire & Goole NHS Foundation Trust remains on red alert with appointments cancelled as it battles a virus that blighted its IT systems on Sunday.
This post originated on Ars Technica UK