Eurolink Blog

06Oct

September 2020 Cyber Security Round Up

Over 267 million records were breached in September 2020, and 102 cyberattacks were publicly disclosed too. Of these 102 attacks, 20 specifically affected the education sector, coinciding with the return to school and University across the globe. What's more, September saw the first known death relating to a cybersecurity breach after a patient in Germany died as a direct result of a ransomware attack on the hospital. This is the first known incident of its kind but the safety implications are far-reaching...

Patient dies in Germany after the hospital suffers a ransomware attack...

A patient at Dusseldorf University Hospital has become the first known person to die as a result of a cyber-attack. The hospital systems were compromised by ransomware, meaning that they were not equipped or able to accept emergency patients. The patient, who required urgent medical treatment, was diverted to an alternative hospital 20 miles away. German prosecutors have opened a homicide investigation and the Federal Office for Information Security is working to get the hospital fully operational again. Interestingly, the attack wasn't actually meant for the hospital, but for the nearby University, and the criminals stopped their attack once they learned that the hospital had been shut down, however, the damage was already done. This serves as an important reminder that cybersecurity planning is not just about preventing and handling incidents, but also about business continuity should all of your systems be taken offline. 

Education attacks spike and the National Cyber Security Centre (NCSC) issues warning...

The National Cyber Security Centre (NCSC) warned educational institutions to be extra-vigilant after a spike in cyber-attacks. The majority of incidents have been ransomware attacks, which block access to computer systems. Paul Chichester, Director of Operations for the NCSC has described the spate of attacks as "reprehensible". Read the full story +

British Hacker fined and jailed...

A British Hacker who goes by the alias 'Dark Overlord' has been jailed for five years in the US and ordered to pay $1.5million in restitution after pleading guilty to conspiring to commit aggravated identity theft and computer fraud. He was involved in "The Overlord" hacking group.

Gartner predicts personal liability...

Research and advisory firm Gartner this month made a prediction that by 2024, CEOs and lead Managers will be held personally liable for cyber-physical attacks in up to 75% of cases. Cyber-physical attacks bridge the gap between the digital world and the real world, impacting things like IoT devices, healthcare equipment, and critical infrastructure. The firm also predicts that the cost of these cyber-physical attacks will hit $50 billion of damage. 

Data breach in Wales as a result of 'human error'...

The personal data records of more than 18,000 Covid-19 patients in Wales were leaked as a result of human error after the database was uploaded onto a public server. It was accessible and searchable for more than 20 hours and was viewed 56 times during this period. The database included every person who had tested positive for Covid between 27 February and 30 August and each record included initials, date of birth, geographic area, and patient sex. 11% of records listed on the database also included additional information such as the name of the nursing home or the medical facilities where the individual lived. 

Norway's Parliament attacked by hackers...

Norway's Parliament revealed that it had been the target of a vast cyberattack that included the breach of the emails of some of the country's lawmakers. It is unknown who was responsible for the attack, but analysis demonstrated that data was downloaded and email addresses breached. 

New Ransomware strain ups the bill...

Typically, ransomware makes demands for thousands of pounds to regain access to files, but one new strain (which has been in circulation since July) has upped the bill. Mount Locker ransomware is now requesting millions of dollars from victims, and the malicious actors behind the attack are 'making good' on their threats by publishing the data of those who don't pay. Be warned! 

Redcar & Cleveland Council confirm cost...

Following the breach of their systems back in February 2020, Redcar and Cleveland Council has now confirmed that the total cost of the attack was a whopping £10.4million. The cost was made up of replacement equipment, security upgrades, lost resources, lower productivity, and increased costs. Could your business sustain an attack and what would the potential cost be? Have you considered a cyber insurance policy? Read the full story of the attack +

Singapore becomes the first country to use facial recognition in national identity scheme...

Singapore is rolling out a national identify scheme to give its inhabitants secure access to private and government services. They see the move as "fundamental" to the country's digital economy and as part of the programme will be using biometric facial data to enhance security. Read the full story on the BBC +

Tony Blair says digital IDs "make sense"...

As part of the efforts to fight coronavirus, former Prime Minister Tony Blair has said it is "common sense" to consider the use of digital IDs. Read the full story on the BBC +

Shopify reveals security "incident" involving two employees...

Two rogue employees were apparently responsible for an "incident" in which the merchant data of 200 sellers was disclosed. The two team members worked in the support team and attempted to obtain the customer transaction records. The data included customers’ contact information including their names, email addresses and physical addresses along with their order details. It did not include payment card details or other sensitive data.

Get in touch with one of the team

We will be very happy to help you