Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label London. Show all posts
Ransom Demand
Data Breach data security Hacker attack Healthcare Hacking healthcare sectors hospital data London Patient Data Ransom Demand

Massive Data Breach Hits London Hospitals Following Cyber Attack

 

In a severe cyber attack targeting a London hospital, hackers have published a massive 400GB of sensitive data, raising significant alarm within the healthcare sector. This breach underscores the escalating threat posed by cybercriminals to critical infrastructure, especially within public health services. 

The attack, attributed to a sophisticated hacking group, involved infiltrating the hospital’s IT systems, exfiltrating vast amounts of data, and subsequently releasing it online. The compromised data reportedly includes patient records, internal communications, and operational details, posing severe privacy risks and operational challenges for the hospital. The cybercriminals initially demanded a hefty ransom for the decryption of the stolen data and for not making it public. When the hospital administration, adhering to governmental policies against ransom payments, refused to comply, the hackers followed through on their threat, releasing the data into the public domain. 

This move has not only compromised patient privacy but has also led to significant disruptions in hospital operations. Experts warn that the healthcare sector is increasingly becoming a prime target for ransomware attacks due to the sensitive nature of the data and the critical need for operational continuity. The incident has once again highlighted the urgent need for robust cybersecurity measures within healthcare institutions. Public healthcare providers often operate with complex IT systems and limited budgets, making them vulnerable targets for cyber attacks. 

The ramifications of such breaches are far-reaching, affecting not just the targeted institution but also the patients relying on its services. In response to the breach, the hospital has ramped up its cybersecurity protocols, working closely with cybersecurity experts and law enforcement agencies to mitigate the damage and prevent future incidents. Efforts are also underway to support affected patients, ensuring that their data is secured and providing necessary assistance in the wake of the breach.  

This incident serves as a stark reminder of the persistent and evolving threat landscape that healthcare providers face. It underscores the necessity for continuous investment in cybersecurity infrastructure and the implementation of proactive measures to safeguard sensitive data against potential breaches. 

As the investigation into this attack continues, healthcare institutions worldwide are urged to reassess their cybersecurity strategies, ensuring that they are equipped to defend against such malicious activities. The leak of 400GB of sensitive data stands as a testament to the devastating impact of cybercrime on critical public services, emphasizing the importance of vigilance and robust security practices in the digital age.
Read more »
UK
Cyber Attacks Data Privacy Healthcare London National Cyber Security Centre NHS patient data protection Ransomware attack Russian Gang UK

Ransomware Attack on Pathology Services Vendor Disrupts NHS Care in London

 

A ransomware attack on a pathology services vendor earlier this week continues to disrupt patient care, including transplants, blood testing, and other services, at multiple NHS hospitals and primary care facilities in London. The vendor, Synnovis, is struggling to recover from the attack, which has affected all its IT systems, leading to significant interruptions in pathology services. The Russian-speaking cybercriminal gang Qilin is believed to be behind the attack. Ciaran Martin, former chief executive of the U.K. National Cyber Security Center, described the incident as "one of the more serious" cyberattacks ever seen in England. 

Speaking to the BBC, Martin indicated that the criminal group was "looking for money" by targeting Synnovis, although the British government maintains a policy against paying ransoms. Synnovis is a partnership between two London-based hospital trusts and SYNLAB. The attack has caused widespread disruption. According to Brett Callow, a threat analyst at security firm Emsisoft, the health sector remains a profitable target for cybercriminals. He noted that attacks on providers and their supply chains will persist unless security is bolstered and financial incentives for such attacks are removed. 

In an update posted Thursday, the NHS reported that organizations across London are working together to manage patient care following the ransomware attack on Synnovis. Affected NHS entities include Guy's and St Thomas' NHS Foundation Trust and King's College Hospital NHS Foundation Trust, both of which remain in critical incident mode. Other impacted entities are Oxleas NHS Foundation Trust, South London and Maudsley NHS Foundation Trust, Lewisham and Greenwich NHS Trust, Bromley Healthcare, and primary care services in South East London. 

The NHS stated that pathology services at the impacted sites are available but operating at reduced capacity, prioritizing urgent cases. Urgent and emergency services remain available, and patients are advised to access these services normally by dialing 999 in emergencies or using NHS 111. The Qilin ransomware group, operating on a ransomware-as-a-service model, primarily targets critical infrastructure sectors. According to researchers at cyber threat intelligence firm Group-IB, affiliate attackers retain between 80% and 85% of extortion payments. Synnovis posted a notice on its website Thursday warning clinicians that all southeast London phlebotomy appointments are on hold to ensure laboratory capacity is reserved for urgent requests. 

Several phlebotomy sites specifically managed by Synnovis in Southwark and Lambeth will be closed from June 10 "until further notice." "We are incredibly sorry for the inconvenience and upset caused to anyone affected." Synnovis declined to provide additional details about the incident, including speculation about Qilin's involvement. The NHS did not immediately respond to requests for comment, including clarification about the types of transplants on hold at the affected facilities. The Synnovis attack is not the first vendor-related incident to disrupt NHS patient services. Last July, a cyberattack against Ortivus, a Swedish software and services vendor, disrupted access to digital health records for at least two NHS ambulance services in the U.K., forcing paramedics to use pen and paper. 

Additionally, a summer 2022 attack on software vendor Advanced, which provides digital services for the NHS 111, resulted in an outage lasting several days. As the healthcare sector continues to face such cybersecurity threats, enhancing security measures and removing financial incentives for attackers are crucial steps toward safeguarding patient care and data integrity.
Read more »
User Security
3D Guns Illicit Frearms London Technology UK User Security

3D-printed guns: UK’s Latest Problem

 

Last month, officers from the Met's Specialist Crime Command discovered a suspected makeshift 3D firearm factory at a home in London. 

The met stated the seizure was “one of the largest” ever conducted in the UK and, it demonstrates the emerging threat of 3D firearms in the country. 

“The raid was part of an operation involving officers from the Met’s ‘Operation Viper’ team, who lead on developing firearms intelligence. This operation demonstrates how we continue to relentlessly target those who attempt to put lethal firearms on the streets of London,” commander Paul Brogden stated.

The discovery comes as some experts also warn of a growing threat. Matthew Perfect, head of the National Firearms Targeting Centre at the UK's National Crime Agency (NCA), says the latest 3D weapons are "stuff that you definitely, wouldn't want to see on the streets in the UK. These are automatic weapons. These are weapons that are capable of multiple rounds of discharge.” 

At present, the 3D printed components only form some of the parts needed to make a gun, at most 80 to 90% of the weapon, Mr. Perfect added. Key metal components such as the barrel typically have to be manufactured in more traditional ways. And the guns still require ammunition. 

John Maytham speaks to professor of criminology and public policy at the University of Brighton, Peter Squires, about the growth of 3D-printed firearms in the UK and the threat that they pose within the illicit firearm market. 

Rajan Basra, a senior research fellow at the International Centre for the Study of Radicalization at King's College London, says the situation in the UK impersonates a trend visible around Europe. While most violent extremists will prefer established weapons, printed guns are an alternative for those who can't obtain illicit firearms. 

“They're popping up all over Europe and police in the UK are intercepting them and burning them in London and Manchester. This is something that we thought was a slow-burn issue and that it would constitute a serious threat in years to come but suddenly they're turning up in real-world in both components and fully fabricated firearms,” Basra stated. 

Designing and owning homemade firearms, including 3D-printed guns, is banned in EU nations. In the UK, for example, the Home Office Guidelines of Firearm Licensing Law were updated in 2013 to specifically criminalize the manufacture, purchase, and sale of 3D-printed guns and gun parts. The first known conviction in the UK for producing a fireable 3D-printed gun came in 2018.
Read more »
Network Attacks
Certified WhiteHat Hacker Cyber Security Ethical Hacker Ethical Hackers News London Network Attacks

Demand for teen hackers rises


Shivam Subudhi is 15 and lives in London. Three years ago, he was so inspired by the movies he was watching that featured hackers, he coded a simple port scanner revealing network doors that might let a hacker enter uninvited. "I decided to put my skills into practice for the first time," Subudhi says, "by pentesting my school network and website." Penetration testing is also known as ethical hacking and involves probing networks, systems, and sites looking for security vulnerabilities that could be exploited by an attacker. It was this activity that, unsurprisingly, brought Subudhi to the attention of the deputy headteacher. That teacher was also an IT enthusiast and introduced the budding hacker to the Cyber Discovery program; a £20 million ($24 million) U.K. government-backed scheme to teach kids how to be cybersecurity superheroes. Could your kid be next?

Teenage hackers sought by government Cyber Discovery program

Back in 2017, the U.K. government issued a tender to run a £20m Cyber Schools Programme as part of the National Cyber Security Strategy 2016-2021 created to reduce the cyber skills gap by encouraging young people to pursue a career in the profession. The SANS Institute bid for this contract was successful, having run similar programs in the U.S. and able to demonstrate the success of using a "gamified" learning model.

"SANS is by far the largest and most trusted provider of cybersecurity training in the world," James Lyne, CTO at the SANS Institute says, "so we have a wealth of experience, training content and expert instructors." In the first year the Cyber Discovery program saw some 23,000 youngsters from the U.K. aged between 14 and 18 taking part in the initial assessment phase, and around 12,000 qualifying to participate in the primary learning phases, "CyberStart Game" and "CyberStart Essentials." The following year, 29,000 took part and 14,000 qualified. Registration for the third year of Cyber Discovery is now open and Lyne anticipates a significant increase in participation, not least as the entry age has now dropped to 13.
Read more »
Wikileaks
Julian Assange London United Kingdom United States Wikileaks

WikiLeaks‘ founder Assange arrested after seven years hide out inside Ecuador embassy







British police has finally arrested the WikiLeaks founder Julian Assange from the Ecuadorian embassy in London after Ecuador government withdrew asylum citing his bad behavior. 

The arrest has closed the seven year long dramatic stint which could end up in landing in a United States prison as he is facing  a hacking conspiracy charge.

According to an indictment Assange conspired with former Army intelligence analyst Chelsea Manning to steal, and publish classified documents. 

Soon after his arrest, Assange appeared before Westminster Magistrates’ Court, where District Judge Michael Snow found  him guilty for breaching his bail conditions, flatly rejecting his assertion that he had not had a fair hearing and a reasonable excuse for not appearing.

“Mr. Assange’s behavior is that of a narcissist who cannot get beyond his own selfish interests,” Snow said. “He hasn’t come close to establishing ‘reasonable excuse.’”

While, Assange waved to the public from the gallery as he was taken to the cells. His next appearance would be on May 2 via prison video-link for his extradition case.

Whereas his attorney, Jennifer Robinson, said he will fight any extradition to the U.S.

“This sets a dangerous precedent for all journalist and media organizations in Europe and around the world,” she said. “This precedent means that any journalist can be extradited for prosecution in the United States for having published truthful information about the United States.”

Read more »
Ransomeware
Anonymous Hackers cybercriminals Hotel London Lucknow Ransomeware

London hackers may be behind ransomware attack on Lucknow hotel

In a first-of-its-kind ransomware attack in Lucknow, cybercriminals breached and blocked the computer system of The Piccadily, a five-star hotel in the capital of Uttar Pradesh, and demanded a ransom to allow data access. Ransomware is a malware unleashed into the system by a hacker that blocks access to owners till ransom is paid.

The hotel management lodged an FIR with the cyber cell of police and also roped in private cyber detectives to probe the crime and suggest a remedy.

The hotel’s finance controller in Alambagh, Jitendra Kumar Singh, lodged an FIR on March 9, stating the staff at the hotel was unable to access the computer system on February 27 around 11:45 pm when they were updating monthly business data. This was followed by screen pop-ups which read — Oops, your important files are encrypted. The staff initially ignored the pop-ups and rebooted the system following which it crashed. Later, the hotel management engaged a software engineer to track down the malfunction after which it came to light the system has been hit by ransomware.

Nodal officer of the cyber cell deputy superintendent of police (DySP) Abhay Mishra said the case happens to be first of its kind of ransomware attack in the city. The demand for ransom in such cases are also made through ‘Bitcoin’, he said. “They are investigating into the matter, but are yet to make any breakthrough,” Singh told TOI. The staff initially ignored the pop-ups and rebooted the system following which it crashed.

The cyber cell of Lucknow police believes the ransomware attack could have been made from London. Sleuths of the cyber cell made these claims after authorities of the Piccadily said they had been getting frequent phone calls from London-based number after the attack.

Singh said, “We received for calls from the same number a day after the attack. The callers inquired about the ransomware attack and asked about the progress in the case. Later, they also agreed to offer assistance.”
Read more »
Subscribe to: Posts (Atom)