15.2 C
London
Monday, August 21, 2017
Home Tags Philip Hammond

Tag: Philip Hammond

April 19, 2017 – The financial pressures facing the NHS again hit the news further to the Chancellor Philip Hammond’s Spring budget. While an additional £425 million is being made available for investment in the NHS[1] - to fund the first set of the best STPs[2] and help cope with demand in A & E this winter - the sad reality is the NHS still lacks the money it needs.

Constrained resources means the health... Source: RealWire

The NHS's Northern Lincolnshire and Goole Foundation Trust is back up and running after a four-day ordeal.

A UK hospital is back online several days after a virus crippled its network.

Following an infection on Sunday, the National Health Service's Northern Lincolnshire and Goole (NLG) Foundation Trust temporarily shuttered a majority of its systems to "isolate and destroy" the bug.

As of Thursday, things are back up and running, and the facility is accepting patients.

"We have stood down from a major incident this morning as our key clinical systems are now operational," Karen Dunderdale, deputy chief executive of the NHS NGL Foundation Trust, said in a statement.

"There continues to be a small number of linkages which enable our systems to talk to each [other] which remain inconsistent," she added. "We are continuing to work with our third-party suppliers to restore these as soon as possible."

The NHS has not revealed additional details about the virus, but security researcher Brian Krebs suggests an infection of ransomware—a malware strain used recently to target hospitals and healthcare facilities.

Earlier this year, Hollywood Presbyterian Hospital in California paid attackers 40 bitcoins (approximately $17,000 at the time) to free its systems from ransomware.

A month later, Methodist Hospital in Kentucky became the target of an attack; hackers demanded four bitcoins ($2,927 at today's exchange rate) for a key to unlock the encrypted files.

And these aren't just one-off cases: Intel Security recently reported more than 20 ransomware-related data loss incidents per day in the healthcare sector.
In the first quarter of this year, hospital attacks generated about $100,000 in ransom payments.

Ironically, the NLG Foundation Trust was hit two days after UK Chancellor Philip Hammond unveiled a national cybersecurity strategy, emphasizing the responsibility of company executives to ensure their organizations are secure.

"I would like to take this opportunity to apologize to everyone who has had their appointment cancelled this week," Dunderdale said in a statement, promising to reschedule folks "as soon as possible."

In many cases, these infections are due to human error, from people plugging in unknown USB drives that infect systems to phishing emails that dupe employees.

Middle path between cheek-turning and all-out war Microsoft Decoded Britain will strike back against nations launching cyber attacks on the UK’s critical national infrastructure. Chancellor Philip Hammond promised retaliatory measures against state-sponsored hackers while unveiling an expanded $1.9bn, five-year national cyber security strategy. Crucially this isn’t new money - Hammond’s predecessor George Osborne had announced this in November 2015, during the last spending review. What was new was the pledge Britain would go on the offensive against attackers and not simply turn the other cheek.

The alternative, Hammond, warned was armed war. Also new was a sharper focus, announced by Hammond, around tactics and strategy around cyber security to protect the nation’s critical national infrastructure and business. In October defence secretary Sir Michael Fallon said Britain had used cyber warfare against ISIS as part of the bid to retake the Iraqi city of Mosul. “We will deter those who seek to steal from us, or harm our interests,” Hammond told Microsoft’s Future Decoded conference in London on Tuesday. “We will strengthen law enforcement to raise cost and reduce rewards,” he said of criminal attackers. He promised the UK would “continue to invest in cyber defense capabilities - the ability to trace and retaliate in kind is likely to be the best deterrent. “If we don’t have the ability to respond in cyberspace to attack that takes down power networks or air traffic control systems we would be left with the impossible choice of turning the other cheek or resorting to a military response - that’s a choice we don’t want to face.” “No doubt the precursor to any state-on-state conflict would be a campaign of escalating cyber attack. We will not only defend ourselves in cyberspace but will strike back in kind when attacked.” Moments before Hammond, who chairs the Cabinet’s cross-department cyber-security committee, had listed high-profile cyber attacks against other nation’s critical infrastructure. He didn’t name those responsible, but many attendees inferred the attacks were sponsored by Russia. He referenced the April 2015 takedown of French TV network TV5 initially blamed on ISIS but subsequently attributed to a group of hackers with links to the Kremlin.

A power blackout in the Ukraine following an attack on power utilities has also been blamed on Russia-based hackers. Moscow has backed separatists in the former Soviet republic seeking the reunification of the USSR. Hammond asked that suggestions as to who might be behind those attacks should be written on a postcard and posted to No. 11. Under the new cyber strategy, Hammond pledged a five-year plan to “work to reduce the impact of cyber attacks and to drive up security standards across public and private sectors.” This would involve ensuring government networks are secure and see UK government “taking a more active cyber defence approach” using tactics such as automatic protection to secure UK users “by default”. He pointed to the recent rollout of software to cut to zero an estimated 50,000 fraudulent emails a day from hackers purporting to be from HMRC offering tax refunds in order to obtain people's bank details. Hammond promised “increased investment” in the “next generation” of students and experts and talked up the formation of a virtual link-up between universities to secure laptops, tablets and smartphones. The Chancellor also laid responsibility for greater security at the feet of Britain’s chief executives. Having name-checked TV5 and the Ukraine, he referenced last year’s TalkTalk attack - which is almost certainly not the work of a nation state.

Altogether five suspects, all based in the UK, have so far been arrested in connection with the 2015 hack. That breach saw details of 156,959 customers sprung with TalkTalk fined a record £400,000 by the Information Commissioner. “CEOs and boards must recognise they have responsibility to manage cybersecurity,” Hammond said. “Similarly, technology companies must take responsibility for incorporating the best possible security measures into the technology of their products.

Getting this right will be crucial to keeping Britain at the forefront of digital security technology.” ®
EnlargeDefence Images reader comments 8 Share this story The UK government has promised to spend nearly £2 billion over the next five years to try to tackle the growing problem of cyber attacks in the country. Recent research suggested that Britain is particularly susceptible to data breaches involving compromised employee account data. Nonetheless, chancellor of the exchequer Philip Hammond claimed on Tuesday that the country is "an acknowledged global leader in cyber security." Number 11's occupant crowed that the previous Tory-led coalition government had chucked £860 million at the problem, but Hammond then undermined himself somewhat by adding that "we must now keep up with the scale and pace of the threats we face." Which underlines the fact that the government is playing catch-up in its race against cybercrims. The answer, according to the treasury, is to up taxpayer-funded spending in the fight against cyber attacks.

The chancellor said: Our new strategy, underpinned by £1.9 billion of support over five years and excellent partnerships with industry and academia, will allow us to take even greater steps to defend ourselves in cyberspace and to strike back when we are attacked. If your toes aren't already curled enough, perhaps paymaster general Ben Gummer can help. He said: "No longer the stuff of spy thrillers and action movies, cyber-attacks are a reality and they are happening now. Our adversaries are varied—organised criminal groups, 'hactivists,' untrained teenagers, and foreign states." Readers of these pages know that there is nothing new about baddies misbehaving on the Web.

But since the TalkTalk hack attack in October 2015, such crimes have finally gone mainstream. The treasury added that Whitehall's hefty investment would be three-pronged.
It said a "world-class cyber workforce" would be developed, added that the UK would "use automated defences to safeguard citizens and businesses against growing cyber threats," and said that deterrent plans would be put in place propped up by better policing capabilities. Number 11 said it would work closely with industry partners such as Bath-based Netcraft—an outfit that specialises in Internet security services and counts clients that include Microsoft, BT, Cisco, and Intel. Hammond is also expected to announce plans to invest in the next generation of infosec experts with a new Cyber Security Research Institute, which we're told is a "virtual collection of UK universities" that will be tasked with beefing up smart phone, tablet, and laptop security "through research that could one day make passwords obsolete." The GCHQ-backed National Cyber Security Centre opened its doors for the first time last month.

By early 2017, the government has promised that the cyberhub will have a 700-strong team running the show. However, the government's so-called National Cyber Security Strategy isn't entirely welcomed by industry.
ISPs recently expressed concern about regulatory meddling, arguing that the focus should be on raising awareness, rather than burdening telcos with yet more rules. As part of its cyber defence plan, Hammond's department said that the industry would be expected to adopt "a range of technical measures" including DNS filtering against malware and phishing sites, an e-mail verification system on government networks to try to prevent domain spoofing, and researching methods to move "safely beyond passwords." It hopes to also bring in a scheme to detect government network attacks. The chancellor claimed that the government had already improved its efforts against "a website serving Web-inject malware." We're told that it previously "would stay active for over a month—now it is less than two days. UK-based phishing sites would remain active for a day—now it is less than an hour.

And phishing sites impersonating government’s own departments would have stayed active for two days—now it is less than five hours." NHS trusts have, for years, been particularly susceptible to such attacks.
Indeed, the Northern Lincolnshire & Goole NHS Foundation Trust remains on red alert with appointments cancelled as it battles a virus that blighted its IT systems on Sunday. This post originated on Ars Technica UK