Tag Archive for: data

Rubrik urges shift from data backup to cyber resilience

/in


As World Backup Day approaches on March 31st, data security figure Anneka Gupta, Chief Product Officer at Rubrik, emphasises the rising importance of cyber resilience in aiding organisations to fortify themselves against cyber threats.

According to Gupta, relying solely on World Backup Day is insufficient in our fluid cybersecurity threat landscape. Instead, it is crucial we usher in “the era of cyber resilience, where the combination of cyber posture and cyber recovery will help to create a cyber resilient future and prepare organisations for any threat, at any stage of an attack.”

This declaration comes in the wake of evidence from a Rubrik Zero Labs State of Data Security report last year, which identified that not only had 93% of external organisations experienced attempts by malicious actors to disrupt data backups during a cyberattack, but 73% reported that these attempts were at least partially successful.

Gupta also examined the role of data recovery and backup systems, frequently referred to as an organisation’s last line of defence. In her perspective, “traditional solutions are no longer cutting it.” The questionable reliability of these solutions raises severe doubts about security, pivoting the critical question for organisations from ‘What backup solution do we have?’ to ‘Do I trust the solution and strategy I have in place?’

According to Gupta, the path to a cyber-resilient future requires organisations to execute three key strategies. Firstly, ensuring that data has suitable authentication and access controls can prevent cybercriminals from exploiting system vulnerabilities.

Secondly, possessing an ability to oversee vulnerable data and those affected when systems are compromised empowers IT and security teams to evaluate risks effectively and respond swiftly to threats.

Lastly, regular simulation and testing of recovery strategies are recommended. This ensures that organisations are prepared to restore critical data and systems with confidence in the event of an actual attack and without reintroducing malware.

While World Backup Day still retains significance, Gupta urges a transformation in our understanding of cyber security and a shift from mere…

Source…

NHS Trust Confirms Clinical Data Leaked by Recognized Ransomware Group

/in


NHS Dumfries and Galloway has confirmed that patient clinical data has been leaked online by a ransomware group following the attack on its systems earlier this month.

The statement by the Scottish NHS Trust dated March 27, 2024, revealed that clinical data relating to a small number of patients has been published by a “recognized ransomware group.”

The trust acknowledged that in the cyber-attack, which it first reported on March 15, the hackers accessed “a significant amount of data including patient and staff-identifiable information.”

It follows a threat by the ransomware group Inc Ransom  on its leak site that it will soon publish 3TB of data relating to NHS Scotland patients and staff unless its demands are met.

The threat actor also included a ‘proof pack’ in its post, which appeared to show a range of sensitive clinical documents, such as genetics reports and letters between doctors discussing patient treatments.

Trevor Dearing, director of critical infrastructure at Illumio, commented: “The methods used by INC Ransom are common among ransomware groups. Ransomware attacks against healthcare organizations are now multiple layers of extortion – cybercriminals will look to steal and leak sensitive data, as well as affect operational up-time. Stolen healthcare data can be sold on the dark web for a quick profit or used in identity fraud.”

NHS Helping Impacted Patients

NHS Dumfries and Galloway Chief Executive Jeff Ace said the service is making contact with patients whose data has been leaked at this point and will continue working to limit any sharing of this information.

“NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population,” he commented.

Ace acknowledged that the information has been released by the attackers to prove it is in their possession. He made no reference to any ransom demand made by the group.

“We absolutely deplore the release of confidential patient data as part of this criminal act,” he said.

Ace added: “We are continuing to work with Police Scotland, the…

Source…

NHS Scotland Clinical Data Published Ransomware

/in


Health authorities in Scotland have hit out at a ransomware gang after it started publishing data including clinical and personal identifiable information of both patients and staff.

The confirmation came after NHS Dumfries and Galloway had warned on 15 March that it had been the target of a focused and ongoing cyber attack on its IT systems.

It has been widely reported that the hacking gang, dubbed INC Ransom, had obtained 3TB (terabytes) worth of data, and are threatening to publish the entire tranche of data unless a ransom is paid.

Data published

Now the NHS has condemned the decision of the hackers to publish some of the data.

“NHS Dumfries and Galloway is aware that clinical data relating to a small number of patients has been published by a recognised ransomware group,” the board said in a statement. “This follows a recent focused cyber attack on the Board’s IT systems, when hackers were able to access a significant amount of data including patient and staff-identifiable information.”

NHS Dumfries and Galloway chief executive Jeff Ace condemned the publication of the data.

“We absolutely deplore the release of confidential patient data as part of this criminal act,” said Ace. “This information has been released by hackers to evidence that this is in their possession.”

“We are continuing to work with Police Scotland, the National Cyber Security Centre, the Scottish Government, and other agencies in response to this developing situation,” Ace said. “Patient-facing services continue to function effectively as normal.”

“As part of this response, we will be making contact with any patients whose data has been leaked at this point, and continue working to limit any sharing of this information,” Ace added.

“NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population.”

The INC ransomware operation is now threatening to leak more data via their dark web leak site.

Frustrated hackers

The refusal of NHS Scotland to pay the hackers ransomware demand was noted by William Wright, CEO of Scotland-based

Source…

China linked to UK cyber-attacks on voter data, Dowden to say

/in


  • By James Gregory & Iain Watson, political correspondent
  • BBC News

Image caption,

Deputy Prime Minister Oliver Dowden is expected to address MPs on the threat

The UK government is expected to link cyber-attacks which accessed personal details of millions of voters to China.

The attacks on the Electoral Commission took place in August 2021 but were only revealed last year.

Several MPs and peers who have been critical of Beijing are thought to have also been targeted in cyber-attacks.

The prime minister called China “the greatest state-based challenge to our national security”.

Rishi Sunak said: “China represents an economic threat to our security and an epoch-defining challenge.

“So it is right we take steps to protect ourselves.”

The BBC understands other Western nations will set out similar concerns.

Acknowledging the attacks last August, the Electoral Commission said unspecified “hostile actors” had gained access to copies of the electoral registers and broken into its emails and “control systems”, but added that it had neither had any impact on any elections nor anyone’s registration status.

The commission said last August that they weren’t able to predict exactly how many people could be affected, but that the register for each year contained the details of around 40 million people.

Deputy Prime Minister Oliver Dowden will address Parliament on Monday about the threat.

It is now thought that Mr Dowden will suggest those behind the attack had links to Beijing, as well as laying out how the UK will respond to what it deems a wider threat.

Publicly identifying the attackers lays the groundwork for potential legal and political actions, such as sanctions or diplomatic protests.

Linking the attackers to China, a fellow member of the UN Security Council, would be an escalation in the diplomatic tension between the two countries.

The prime minister then was David Cameron, who is now the foreign secretary after taking a seat in the House of Lords last year.

China’s foreign ministry spokesperson Lin Jian said the government cracked down and punished all types of malicious cyber activities.

He called on all parties to “stop spreading false information and…

Source…