22 March 2019

IRM Weekly Cybersecurity Roundup: Cybersecurity strategy for healthcare providers and more


Healthcare providers: don’t let the small stuff cause you big problems.

With the digital age rapidly progressing, all organisations need to have a cybersecurity strategy. For healthcare organisations, it’s particularly important. Why? Hospitals and surgeries have access to patient information involving medical care, which in some cases is the most sensitive type of data.

The NHS is working towards a more digital platform, which means data needs to be backed up. If a number of small issues build up, it could cause another major cyber-attack like the WannaCry incident in 2017.

It seems simple, but as the Head of Innovation and Delivery at NHS Digital, Daniel Jeffery, commented: “It’s the small things which can make a big difference, little things like not writing usernames and passwords on post-it notes and sticking them on screens” that could make just a little difference.

You can read more here.

Norway’s Aluminium plant struck by ‘severe’ ransomware attack

Hydro, one of the world’s biggest aluminium producers, with over 35,000 employees in 40 countries, has been hit by a ‘severe’ ransomware attack. It has caused the company to switch to manual operations at some of its smelting plants and even halt production in others.

Colleagues at some Hydro offices have been told not to log into their computers and are now having to use their mobile phones and tablets to access their emails. Due to this decision, some factory workers are having to use printed order lists, causing major delays.

Although it is not clear exactly who was behind the cyber-attack, Norwegian security authorities are investigating a new form of ransomware known as ‘LockerGoga’ as a possibility.

According to their Facebook page, Hydro has made progress in securing safe and stable operations across the company.

You can read more here.

Ed-tech leaders still underestimating cybersecurity

Despite a constant barrage of malware attacks on one-third of North Dakota’s schools last February, a new report has shown that America’s public education sector requires significant cybersecurity training for teachers and students.

More than a quarter of the school leaders surveyed confessed that their district doesn’t have a password policy. However, in the 40% of districts that do have policies, they also conduct monitoring of log-in attempts. Despite this percentage, only 14% have multi-factor authentication, limiting their system’s security.

In an effort to improve best practice, many districts have encouraged better password policies, invested in staff training and the backing up of all information on their systems. You can read more here.

Cybercriminals are targeting HR departments to steal salaries

Attacks via email aren’t anything new, but it seems that cybercriminals are now focusing on HR departments to gain access to colleagues’ salaries. Using information such as email addresses and corporate email signatures, hackers send emails to managers posing as one of their colleagues.

Large corporations usually have software installed that automatically scans all email addresses, which can flag up any spam or fake accounts. Unfortunately, smaller firms aren’t always as lucky. With fewer software checks, it can sometimes just be a lone HR manager as defence, making BEC (Business Email Compromise) a real threat.

BEC is becoming more common now that more companies are using cloud services. Cloud systems tend to spot malware, so scams have evolved from traditional phishing attacks.

This progression is forcing companies to train their staff to spot spoof email addresses and other phishing attempts, whilst also upgrading the technology used to detect scams.

You can read more here.

Quick Fire Updates

Medical device and software developer announces data breach – According to Zoll, 277,319 patients’ personal and medical information is at risk after sensitive information was exposed during a server migration with a third-party email provider. Read more here.

Have you checked your new merging business’ cybersecurity? – Some businesses conduct little due diligence in cybersecurity when acquiring a new company. This leads to financial and data loss through fraud or fines from breaches of regulation. These issues are also caused when little is done by sellers who don’t ensure their data assets are properly migrated. Read more here.

Uber’s been spying on rival GoCatch – An ex-employee of Uber explains that the taxi company has been using spyware called “Surfcam” to track Australian competitor ‘GoCatch’, capturing information such as drivers’ names, car details etc. Read more here.

Facebook employees had access to millions of user passwords – Social media titans said “hundreds of millions” of passwords had failed to be encrypted and have been exposed for up to seven years. 600 million users across Instagram and Facebook Lite will be notified. No evidence has emerged that accounts were “internally abused”. You can read more here.


If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM.