Transform Issue 17 - May 2020 Edition


SECURITY SOLUTIONS

Sector faces double deadly virus threat

The public sector was at high risk from cyber attacks before Covid-19. But now, with whole workforces working from home, experts warn the likelihood of a successful attack is greater with potentially devastating consequences. Implementing gold standard security solutions may not be practical or affordable short term, but there are a number of actions that could and should be taken right now.

Local councils faced as many as 263 million cyber attacks in the first half of 2019, averaging 800 attacks every hour, according to freedom of information requests made by insurance broking firm Gallagher. Most are thwarted, but a successful attack, which can occur from a new unblocked threat or because anti-virus protection is outdated, can have far-reaching consequences for employees, service users and budgets. Ransomware continues to be a huge threat, with a successful attack able to scramble and encrypt key files and spread across a whole infrastructure in minutes. The number of avenues cyber criminals can target to activate these attacks has rocketed


with entire workforces now linking into company systems on potentially unsecure and unprotected devices. David Woodfine, partner at cyber security company Assurity Cyber Associates (ACA), warned that there had been a 500 per cent increase in the number of phishing emails since the pandemic began and an increase in smishing (text messages) and vishing (voice calls) too.

The National Cyber Security Centre has warned it is seeing a growing use of Covid-19 related themes by malicious cyber actors, while INTERPOL issued a notice to 194 member countries warning it had detected a significant increase in the number of attempted ransomware attacks against key organisations and infrastructure engaged in the Covid-19 response. It said the ransomware seemed to be spreading primarily through emails, often falsely appearing to be from a government agency regarding the Coronavirus.

"The cyber attacker has realised that people are very scared and is using Covid-19 phishing emails to get us to interact," says Woodfine. Typical attacks include trying to get an individual to divulge a username and password directly; getting a user to click on a malicious link, open a malicious document or visit a malicious website; and tricking an individual into providing financial details or paying an invoice.

While ransomware remains one of the biggest risks, there are other types of malicious software designed to do harm. One clicked link or opened file, for example, can lead to an attacker downloading software known as a key logger onto an individual's device. This can then capture keystrokes as an individual inputs a username and password, giving the attacker access to an organisation's network.

Two weeks into the lockdown there were news reports that Rotherham Council's IT system had been compromised by an employee accidentally clicking on a spam email with "COVID-19" in the subject field, although the council said no data or information was compromised and the issue was quickly resolved.

Kevin Borley, also a partner at ACA, described the situation as "a perfect storm". "We have massively increased risk, huge vulnerability and reduced ability to respond as we would otherwise do," he says.

Borley advised that local authority leaders and IT departments should adopt the mindset that they will be attacked. "The public sector is always at the bottom end of the scale in terms of investment in infrastructure and technology, always having to make do and mend and do more with less. There is an inherent issue in terms of realistically what they can do, how close they can get to best practice and how close they can get to being ahead of an issue. They need to take a perspective that they will be hit and invest in technology that won't allow ransomware and malware through. A sophisticated attack could wipe out everything, including the backup infrastructure."

And while we might have an image of a lone figure in his or her bedroom launching these attacks, Woodfine and Borley describe a much more organised enterprise. "Anyone with bad intent can buy a ransomware attack with a target in mind, have it tested by a customer support group and then have a post-attack review. This is a highly commercialised industry, this is not kids in their bedroom, this is big business," says Borley.

While it sounds like a no-win situation, there are steps local authorities and the public sector as a whole should and can take as a matter of urgency to minimise their risks. With limited budgets, it pays to remember employees are the first line of defence. The best place to start is end-point protection (over and above anti-virus software) using technology that
