The Recent Cybercrime Wave: Why are NHS, Ticketmaster & Santander vulnerable?


June was a black month with some of the worst cyber hacks perpetrated in 2024 so far. Ticketmaster, the NHS and Santander were all in the national press, with news of them being hacked by cyber terrorists. Ticketmaster, where millions buy their event tickets, has seen 560 million records stolen from their IT systems. The ShinyHunters Group have threatened to release all the information, that is, unless a $500,000 ransom is paid.

Cyber criminals broke into Santander Bank and stole the personal details of 30 million customers and are threatening to sell that information on the dark web. The bank confirmed in a statement that their security had indeed been breached.

 

We recently became aware of an unauthorised access to a Santander database hosted by a third-party provider. We immediately implemented measures to contain the incident, including blocking the compromised access to the database and establishing additional fraud prevention controls to protect affected customers.
Santander Corporate Website

 

However, the most heinous of cyber-crimes was committed upon Guy’s and St Thomas’ hospitals in London, as they faced the real, life-threatening consequences of a ransom attack. Cyber criminals broke into their networks, causing the cancellation of operations and the loss of blood transfusions across the capital.

So, what is happening? How is it that these companies and institutions, with all their financial resources, are falling foul of hackers? The disruption, the financial loss, and the reputational damage caused are monumental. But why is this happening, and how can it be stopped? Surely they have the defences to stop such attacks?

 

Why are Organisations Vulnerable?

There are several reasons why large organisations get hacked. Hackers, when they attack a business or an institution, are not only wanting to steal money or cause havoc. They are also after a reputation; they do it to show what they are capable of. It’s a really sad thing to try and understand why an obviously computer-skilled person would sit in a darkened room with a keyboard and hack into big world organisations or healthcare services.

 

It’s all about getting kudos within the hacking community. Look at me, look at what I did, I hacked into the NHS. It’s also a sad fact to report that the data stolen from the NHS is so valuable. Healthcare data can be sold on the Dark Web for £1000 a record, whereas data stolen from a credit card company is only worth £5 a record.

That’s because the data is so personal to us; we can’t change our DNA that quickly. Credit card data, by contrast, can be changed quite easily, and a new credit card sent out to replace it.

 

Exploiting common weaknesses in large business IT infrastructure

There’s also the fact that large organisations share a commonality in vulnerabilities that hackers can often exploit.

Equally, it’s often the sheer size of an organisation that attracts cyber criminals. Ticketmaster has 6000+ employees, Santander has 18,000, and the NHS has some 1.27 million people working for it. So, as you can see, keeping everyone informed about your cyber security policies is a mammoth job for these organisations.

 

Worse still, it can be difficult for companies to keep updating their software with critical security patches. Unsecured networks, unencrypted Wi-Fi and lax access controls can all provide entry points for cyber criminals to enter the network.

For instance, take new software that hasn’t been out long: the developer has not had time to fix any potential vulnerabilities that it may have. As a result, cyber hackers will exploit these early weaknesses and try to launch malware onto the new software before the creator knows how to patch them. These are called Zero Day cyberattacks.

 

Poor password management. It can be difficult to maintain effective passwords and to stop staff using weak passwords. Password reuse is a common problem, as it makes it easier to breach a network when a user has the same password across multiple systems.

 

Phishing attacks. Deceptive emails or websites are some of the most common techniques used to trick employees into giving up login credentials. Hackers will go onto professional business websites and find out who is new to a company. The hackers will send them an email pretending to be someone important within the company.

The hacker will insist that they need some particularly important information very quickly. The new starter, in a hurry to impress and being naturally keen to help, passes over the information.

That’s why it’s so important to train new starters on the correct procedure for dealing with sensitive information, and not to be taken in by these methods. Human error is high up on the list of how companies leave themselves vulnerable.

 

Hackers learn to adapt
The bigger problem with cyber criminals, however, is their ability to constantly adapt to the digital landscape. As soon as you have locked down one area of attack, hackers will simply look to use other methods to gain entry.

Ransomware emails are a common device that they use. Hackers, having gained entry onto your network, will then quietly sit on the network for several weeks, or months if they have to. The cyber-criminal will then watch and learn about how your company operates.

Once they know when your bank coffers are full, or that you’re working on a special project, they lock down your network with an encryption code that they will only unlock when you have paid the ransom. Hence the name, Ransomware.

 

Supply Chain Attacks
One of the deadliest attacks, however, is the supply chain attack, otherwise known as a 3rd party attack. Cyber criminals look to gain entry onto the network of your supplier and, through them, gain access onto your system.


Case Studies: How they were hacked

The NHS:
Uses a 3rd party company, Synnovis, to process blood tests, primarily in the southeast of London. On the 3rd of June 2024, a cyber-attack was launched at the pathology lab. More than 800 planned operations and some 700 outpatient appointments across King’s College Hospital and Guy’s and St Thomas’ NHS Foundation Trust were cancelled and had to be rearranged because of the hack.

Ticketmaster:
Is one of the world’s largest online ticket sales platforms. It was reported on the day after the NHS hack that cyber criminals had breached the company and that some 560 million customers had had their data stolen. The data is said to include names, partial credit card details, addresses, and phone numbers.

A hacker group calling themselves the ShinyHunters claimed responsibility for the attack and were demanding a ransom of $500,000 to restore the stolen data.

Santander:
Whilst the hack didn’t affect the bank’s banking system, hackers were able to steal 30 million customers’ details and 28 million credit card records, as well as personal information about the staff from Santander bank.


Prevention & mitigation strategies
We’re not going to see the end of cyber hackers anytime soon. The ability to sit quietly somewhere with a laptop and break into an organisation’s infrastructure, to steal from it or to hold it to ransom, is going to continue. But there are some things that you can do to stop your business being hacked. First of all, you will need a plan that details what you are going to do and when it will be done, as you need to be consistent with cyber security. It’s also very important that everyone in your organisation knows about the plan.

 

Make sure you are up to date with the necessary security patches for any software that you use. Use best practice when it comes to the implementation of strong password policies. Keep away from simple and overused passwords, especially ones that you use in your personal life; keep the two separate.

Use a password manager to help you remember your passwords; it only takes two seconds to do. But make sure you have two factor authentication installed right across your network. And last but not least, make sure that you know who has, and who should not have, access privileges across your network.


CONCLUSION

Stay vigilant. Develop a cyber defence plan, be proactive in monitoring your network for strange anomalies, and deal with them as safely and quickly as you can. Cyber security does take investment, in both time and attitude. But it’s worth it. Most important of all, absolutely keep your staff informed and aware of best practice in cyber security protection. Investing in your staff is your first line of defence.
