113 NHS Email Accounts Compromised as Part of a Phishing Campaign

  • The NHS has confirmed that 113 internal email accounts were compromised and used to send malicious spam outside the health service.

  • The NHS is working closely with the National Cyber Security Centre (NCSC), which is investigating a widespread phishing campaign against a broad range of organizations.

  • All those affected by the latest NHS-based attacks will have been notified by today, NHS Digital claimed. It argued that since implementing a “new password approach” there has been a 94% decrease in phishing emails sent to NHSmail accounts over the past year.


The NHS has confirmed that 113 internal email accounts were compromised and used to send malicious spam outside the health service around two weeks ago. A brief NHS Digital statement issued on Friday revealed that the incident occurred between Saturday May 30 and Monday June 1 2020. It claimed the security snafu affected a “very small proportion” of NHS email accounts, around 0.008% of the 1.4 million total, and was linked to a wider campaign designed to steal victims’ log-ins.


“There is currently no evidence to suggest that patient records have been accessed. We are working closely with the National Cyber Security Centre (NCSC), who are investigating a widespread phishing campaign against a broad range of organizations across the UK,” it added. In fact, the NCSC first raised the alarm about the campaign back in October last year, claiming that automated attacks designed to harvest credentials had been active since at least July 2018 and were spreading “indiscriminately” across multiple verticals.





“In this campaign, the user receives a phishing email from a legitimate and known email account which has been compromised. Phishing emails were previously sent from contacts in recent email communications with the recipient, and the subject lines often mirrored the most recent email exchange. This created an initial plausibility for the user to trust the email,” it explained. “More recently, the subject lines include the compromised user’s address-book entry for the recipient of the phishing email. This could be in the recipient’s name, the email address or may just be blank.”

Clicking on a link in the email would take the user to a fake log-in page featuring their organization’s logo and their email, the NCSC said. All those affected by the latest NHS-based attacks will have been notified by today, NHS Digital claimed. It argued that since implementing a “new password approach” there has actually been a 94% decrease in phishing emails sent to NHSmail accounts over the past year.
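A defender-side check for the lure pattern the NCSC describes, as an added example that is not part of the original article or of any NHS or NCSC tooling: it scans outbound mail-log records for internal senders who mail several external recipients with link-bearing messages whose subject is blank or is just the recipient's own name or address. The log schema, the `example-trust.test` domain, the threshold and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from email.utils import parseaddr

# Assumption: placeholder internal mail domain, not taken from the article.
INTERNAL_DOMAIN = "example-trust.test"

# Constructed sample of outbound mail-log records (hypothetical schema).
SAMPLE_LOG = [
    {"from": "alice@example-trust.test", "to": '"Dana Reyes" <dana@partner.test>',
     "subject": "Dana Reyes", "has_link": True},
    {"from": "alice@example-trust.test", "to": "eli@supplier.test",
     "subject": "eli@supplier.test", "has_link": True},
    {"from": "alice@example-trust.test", "to": '"Fay Wong" <fay@clinic.test>',
     "subject": "  ", "has_link": True},
    {"from": "bob@example-trust.test", "to": '"Gus Hale" <gus@partner.test>',
     "subject": "Re: rota for next week", "has_link": True},
    {"from": "bob@example-trust.test", "to": "hana@supplier.test",
     "subject": "", "has_link": True},
    {"from": "carol@example-trust.test", "to": '"Ian Moss" <ian@example-trust.test>',
     "subject": "Ian Moss", "has_link": True},
]

def is_internal(address):
    return address.lower().endswith("@" + INTERNAL_DOMAIN)

def subject_matches_recipient(subject, to_header):
    """True when the subject is blank or is only the recipient's name or address."""
    name, addr = parseaddr(to_header)
    return subject.strip().lower() in {"", name.strip().lower(), addr.lower()}

def suspicious_senders(log, min_hits=3):
    """Map each internal sender to the number of distinct external recipients
    that received a link-bearing message matching the lure pattern."""
    hits = defaultdict(set)
    for rec in log:
        _, rcpt = parseaddr(rec["to"])
        if not is_internal(rec["from"]) or is_internal(rcpt):
            continue  # only internal accounts mailing outside the organisation
        if rec["has_link"] and subject_matches_recipient(rec["subject"], rec["to"]):
            hits[rec["from"].lower()].add(rcpt.lower())
    # A single blank-subject message is common; require several distinct recipients.
    return {s: len(r) for s, r in hits.items() if len(r) >= min_hits}

if __name__ == "__main__":
    for sender, count in suspicious_senders(SAMPLE_LOG).items():
        print(f"review {sender}: {count} external recipients matched the lure pattern")
```

Accounts flagged this way are candidates for review and a password reset, not confirmed compromises; the threshold needs tuning against normal mail volume.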




“We are investigating this issue and have taken the precaution of asking all mailboxes that have a similar configuration to the compromised accounts to change their passwords with immediate effect,” NHS Digital concluded. “We have worked with the organizations involved to isolate affected accounts, supported them to make any necessary changes and have advised affected individuals.” The sensitive data that the NHS has access to is of real value not just to hackers, but also to commercial or state actors. To mitigate the risk to its patients and employees the NHS has worked with the NCSC to implement new security guidelines across the NHS.


NHS stands for the National Health Service. It refers to the Government-funded medical and health care services that everyone living in the UK can use without being asked to pay the full cost of the service. The publicly funded health care service in Northern Ireland isn’t officially called the NHS; it is called Health and Social Care Services (HSC). Each NHS organisation and the HSC provide health care services free at the point of delivery, but there are slight differences in what is fully funded by government and what services are available across the different UK countries.

