[BreachExchange] What happens when a country comes under ransomware attack?

Audrey McNeil audrey at riskbasedsecurity.com
Mon May 17 13:47:34 EDT 2021


https://www.theweek.co.uk/92711/what-happens-when-a-city-comes-under-ransomware-attack?src=ilaw

Ireland has been hit by a “significant” ransomware attack forcing the
country’s health services to shut their IT systems and cancel some medical
appointments.

The IT systems could take “days” to return to their normal functioning in
what has been described by a government minister as “possibly the most
significant cybercrime attack on the Irish State” ever, reports The Irish
Times.

Health service chief Paul Reid said there was a “human-operated” attempt to
access data stored on central servers, possibly carried out by an
international criminal organisation seeking to extort money. He told RTÉ
that no ransom has been demanded at this stage, adding: “The key thing is
to contain the issue. We are in the containment phase.”

On Thursday, there were “two or three” distributed denial of service (DDOS)
attacks on parts of the HSE system which were thought to be “routine” at
the time, reports the Irish Times. But it is now thought the attacks may
have been “forerunners” for the bigger attack, and that those behind this
were “knocking on the door”, the paper says.

What is ransomware?

Ransomware are computer viruses that take over other people’s devices,
often with the threat to delete files unless a payment is made. Typically
it gets into a device by exploiting vulnerable software or tricking a
person into installing it. Security experts call ransomware the “fastest
growing form of computer virus”, the BBC reports.

Could this happen in the UK?

The UK has already suffered and experts warn it could easily happen again.

Foreign Secretary Dominic Raab this week made his first major speech on
cybersecurity, outlining the creation of a new National Cyber Force, which
would carry out “offensive operations” against criminal gangs, including
denying gangs “access to their infrastructure and undermining their
network”, reports the BBC.

Raab issued a warning to Russia, saying the country should take
responsibility for cybercriminals operating in the country. “Even if it is
not directly linked to the state they have a responsibility to prosecute
those gangs and individuals,” he said.

In 2017, Britain was one of the more than 150 countries affected by the
WannaCry ransomware attack. The virus encrypted data on infected computers
and demanded a ransom of around £230.

At least 6,900 NHS appointments were cancelled because the systems closed
down. A government report said the NHS had been particularly vulnerable
because it had not followed cyber-security recommendations.

“NHS England said no patient data had been compromised or stolen and
praised the staff response,” the BBC reported at the time.

Ciaran Martin, head of the UK’s National Cyber Security Centre, told The
Guardian in 2018 that a major attack was imminent and that it was a matter
of “when, not if”. He added that the UK was lucky to have avoided a
category one attack – one “that might cripple infrastructure” – when it had
already impacted other western nations.

How can I protect my data?

Some of the best defence methods are to have strong security measures, such
as updating anti-virus software and passwords that are difficult to crack.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210517/220537c8/attachment.html>


More information about the BreachExchange mailing list