WannaCry ransomware attack goes global

The news on Friday 12th May that NHS England had suffered a major ransomware cyber attack has since extended to a much wider victim base. We now know that the attack has affected around 150 countries, with major hits on the UK and Russia. It is estimated to have affected over 200,000 users to date. In the UK, 48 NHS trusts have reported problems at hospitals, GP surgeries and pharmacies, along with 13 NHS bodies in Scotland – and no doubt the early part of this week will bring more problems as staff come into work and switch their PCs back on.

The hack, which targeted Windows machines, was miraculously stopped from spreading by a young security expert (known as @MalwareTechBlog), who accidentally hit the kill switch on the malware by registering a domain name that its creator had hard-coded into it.

SAFEGUARDS:

There are some urgent checks that all companies and organisations should be making in the next 24 hours:

  1. Ensure you are up to date on patching your environment – a lot of organisations were caught out because they weren’t (and Microsoft released a patch for the vulnerability exploited by WannaCry in March 2017).
  2. Check your antivirus is up to date (and preferably use a cloud-based service, e.g. Webroot).
  3. Ensure you back up all your essential data in line with your business’s Recovery Time Objective (RTO) and Recovery Point Objective (RPO), so you can’t be held to ransom and left fearful of operational losses.
  4. Communicate with your staff to alert them to avoid clicking on any suspicious emails, and make sure that your operating system software is up to date (it was a rare move for Microsoft to release security updates for unsupported software such as XP as a direct result of this event).

Companies that want advice on data security can contact Amicus ITS in confidence on 02380 429429.

HCI, waking up the storage market – the new must have for enterprise and SMEs

What’s got us talking?

Amicus ITS has secured a major new contract for Hyper-Converged Infrastructure and will be providing professional services to deploy and implement the solution for the customer.

What is Hyper-Converged Infrastructure (HCI)?

In our fast changing technology world, hyper-convergence is the latest new buzzword and a topic that is exciting many here in Amicus ITS.

Hyper-convergence grew out of the concept of converged infrastructure. Under the converged infrastructure approach, a vendor provides a pre-configured bundle of hardware and software in a single package from different hardware vendors.  Hyper-converged systems are modular systems designed to scale out by adding additional modules.  The magic is that HCI requires only a single vendor’s server platform and a ‘single pane of glass’ management console.

Enabling integrated technologies to be managed as a single system through a common toolset is a big step forward and to assure flexibility, HCI systems can be expanded through the addition of nodes to the base unit. Hyper-converged infrastructure streamlines the deployment, management and scaling of datacentre resources by combining x86-based server chassis and storage resources with intelligent software in a turnkey software-defined solution. Separate servers, storage networks and storage arrays can be replaced with a single hyper-converged solution to create an agile datacentre that easily scales with our customers’ business.

Why is Amicus ITS so excited by HCI?

We are constantly looking to keep ahead of the technology curve and stay one step ahead of the MSP competition. Taking solutions to our customers that add true value to their business gives us a real opportunity to demonstrate forward thinking and benefits all round. Amicus ITS has the confidence of combining the right technologies with our most important assets, our people and our proven processes – to build comprehensive and compelling solutions, fit for tomorrow. Wrapped with Amicus ITS’ quietly assured Managed Services capabilities, it creates a powerful combination of positive results for both sides.

Whether a customer wants an HCI solution delivered that they manage, or an HCI solution that Amicus ITS as an MSP looks after – what this shows is that to be a fit MSP in today’s market, you cannot go on just selling traditional three-tier architectures with their associated multiple different technologies, higher costs and greater complexity.  This swallows up greater day-to-day management resource, as well as the people and skills to support and maintain a wide variety of servers, storage, networking and software management technologies.  At scale, this can be challenging as it increases the chance of incompatibilities and administration overheads.

HCI appeals because it radically simplifies infrastructure for the customer and enables smooth management processes to wrap around it. So, it’s time to slim down and de-mystify the technology and show what is really good out there for our customers – and here, utilising the always-available engineering that was designed for Google and Facebook as a technical model for both enterprises and SMEs. By being forward thinking and flexible in our consultative approach, where the solution benefits both the customer and the MSP, it’s a win-win for both.

Amicus ITS Awarded Full Certification For Cyber Essentials Plus


Amicus ITS has announced its award of the higher level ‘Cyber Essentials Plus’ status.  This industry-backed technical security scheme seeks to heighten the defences of companies against threat.  For Amicus ITS with its long history of serving healthcare, regulated industries and blue chip corporates, it was a logical and natural extension of its existing security standards.

Standards Co-Ordinator Emma Purr of Amicus ITS’ Security & Compliance Team, who led the effort, said: “This was a good team effort, supported by members of our technical Escalation Team. Cyber Essentials Plus is normally a first step-in for organisations to gain the more stringent security accreditation, ISO 27001. Cyber Essentials Plus requires a 5-step security approach, whilst information security standard ISO27001 has 114 control requirements in 14 groups and 35 control objectives which must be addressed, so is both very broad and very deep. However, we’ve done it in reverse, having gained our ISO27001 status back in July 2014. This was however no walk in the park and illustrates the critical importance of ensuring robust defences exist around your business. Obtaining Cyber Essentials Plus status has further strengthened our resilience and is great to have on show as another recognised security badge.”

What is Cyber Essentials Plus about?

To create the UK Cyber Essentials scheme, the UK Government worked with the Information Assurance for Small and Medium Enterprises (IASME) consortium and the Information Security Forum (ISF) for several years before launching the current system in June 2014.  Backers also include the Federation of Small Businesses (FSB), the Confederation of British Industry (CBI) and various insurance institutions.  Forming a set of comprehensive and challenging technical controls, it endorses compliance for organisations to create better technical protection from cyber attack and misuse of systems.  With standards which are risk-based and prompted by international best practice, they include aspects such as physical security, staff awareness and data backup.

What does Cyber Essentials Plus focus on?

Amicus ITS had to focus on five mitigation strategies:

1.   Boundary firewalls and internet gateways – for any user trying to access any websites which may have malicious content.
2.   Secure configuration – ensuring the administration controls of all user devices are securely configured, so that the rights over what can be downloaded are appropriate and controlled.
3.   User access control – e.g. new starters only have access to the systems they require as part of their job; special access privileges are restricted to a limited number of authorised individuals, which includes domain admin and restricting the ability to make high-level changes to internal systems and security firewalls to selected system administrators; plus password strengthening and complexity in relation to service accounts. These get changed regularly – and automatically on the exit of any personnel.
4.   Malware protection – ensuring that relevant antivirus and malware protection software is installed and kept up to date, which scans files and web locations automatically on access to confirm they are safe, and which reinforces the protection against accessing unsafe websites by blocking them automatically.
5.   Patch management – this ensures all software running on company devices is licensed and up to date, that updates are installed in a timely manner and that out of date software is removed from devices. Additionally, that security patches are deployed automatically on release.

Anyone wishing to discuss business information security issues, or support in obtaining Cyber Essentials status, should contact the Sales team or speak to JP Norman on 02380 429429.


Taking ownership of cyber – it involves us all

New research by BAE Systems, surveying 984 IT managers and 221 executives from Fortune 500 companies across the world, has found that there is still a damaging gulf in the perception of who should take charge of managing the aftermath of a cyber-attack in an organisation.

• The survey suggested that 50% of IT staff believed boardroom executives should take the lead when it comes to deciding how a company should respond and repair after it has been penetrated by hackers.
• In contrast, more than 30% of Chief Executives said that IT staff should be the ones cleaning up, fixing problems and hardening defences.

This, according to Dr Adrian Nish, head of the cyber-threat intelligence unit at BAE Systems, could lead to organisations not being prepared for oncoming attacks.

Cost of attack
There was also a mismatch when it came to the perceived cost of a breach:  technology bosses believed that, on average, a breach could cost a company about $19m (£15m).  This estimate included fines, legal fees, remediation expenses and compensation for customers.  By contrast, boardroom members put an average price tag of $11.6m (£9.2m) on breaches.

Prevention much better than cure
Ultimately, whatever the price of a cyber-attack, unless organisations have taken the necessary preventative steps, they remain highly vulnerable to not only the cost of breach, but the enormous impact of reputational damage and loss of trust.

Oliver Parry, head of corporate governance at the Institute of Directors, commented: “As with other principal risks to a business, responsibility of outlining this strategy should fall with the board. Lasting cybersecurity only comes from embedding good practice throughout the culture of an organisation, starting from the top. No system or person alone can prevent indefinitely the threat of a cyber-attack.”

This ties in with one of the main recurring themes for Amicus ITS’ Director of Technology, Security & Governance, JP Norman, who has stated many times over recent years that good education and awareness by staff (the “squidgy bits”) around data security remains central to good defence efforts in thwarting a successful attack. Commenting recently:

“At Amicus ITS we carry out a 3 stage review on a monthly basis with data being collated via our support functions, reviewed at a formal Information Security Committee meeting and further reviewed at every Board Meeting. This enables us to ensure strategy, training and new developments flow in both directions across our company.” JP Norman, Director of Technology, Security & Governance.

Barcode technology putting the patient at the heart of process as its most important asset


The Department of Health has announced a pilot scheme that has just reported its first results using barcode technology.  The £12m scheme which started in 2016 has been used to track patients and improve asset management through the hospital system.

Use of barcode technology (GS1) has been common practice in most major industries and transformed the retail sector as an effective way for companies to identify and track their assets and provide an accurate digital audit trail for stock, equipment and movements between sites.  The difference for healthcare is that this ensures integrated and agnostic patient-centric care provision, focusing not on short term activity targets, but long term patient outcomes.  This was a central theme in the Department of Health’s e-Procurement strategy in April 2014 and with today’s stretched NHS, connecting patient safety, identification of a person, product, place and administrator, creates truth, greater accuracy and ultimately accountability – and comes not a moment too soon.

The barcodes are being placed on wristbands of patients on entering hospital and used variously on breast implants, replacement hips, medical and surgical tools and pharmaceuticals etc. to track treatment and staff administering the treatment.

The pilot scheme which has been running initially at Salisbury, Derby, Leeds, Cornwall, North Tees and Plymouth is reported to be showing early signs of impact, with reductions in waste, effective management of health stocks and reduced staff time trying to locate medical supplies on shift, thereby freeing them up to spend more time with patients.

By using barcodes, it will also help with remediation should any faults develop in future years.  For example, a screw used in a knee operation would be traceable and details, such as when it was used and the surgeon who carried out the procedure, could be found quickly and easily.

The Health Secretary Jeremy Hunt believes this could help save the NHS over £1bn over the next seven years.    In an example of stock recall, back in 2012, breast implants made by French firm Poly Implant Prothese (PIP) were found to have double the rupture rate, affecting roughly 300,000 women globally and 47,000 in the UK.  Had this barcode system been in place at the time, tracing those patients to make the necessary remedial checks on their wellbeing would have been simpler, potentially less costly and less stressful for those involved had early intervention been possible.

Disaster for Three Mobile as huge data hack is disclosed


News has emerged today that one of Britain’s biggest mobile phone companies has suffered a huge breach of its systems, exposing an estimated six million user account details to compromise. This represents two thirds of the company’s customer base.

Believed to have been a hack through an authorised employee login, the hackers were able to access the customer upgrade database.

A spokesman for Three said, “Over the last four weeks Three has seen an increasing level of attempted handset fraud. This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices. We’ve been working closely with the Police and relevant authorities. To date, we have confirmed approximately 400 high value handsets have been stolen through burglaries and eight devices have been illegally obtained through the upgrade activity.”

Three added that the data accessed included names, phone numbers, addresses and dates of birth, but added that it did not include financial information. Customers whose data has been affected have not yet been informed at this time. However the speed of intercept is indicated by the revelation by the National Crime Agency that they are investigating the breach and that three people have already been arrested, two for computer misuse and one for perverting the course of justice.

With the Chancellor, Philip Hammond, having called in his speech at the beginning of November for companies to do more to protect their customers against cyber crime after the series of high-profile breaches in the last few years, and with GDPR on the horizon, the commercial imperative for businesses to create stronger security measures shows that the need for diligence in compliance is greater than ever.

As part of its ongoing efforts to keep its customers and regional businesses best informed, Amicus ITS has been conducting a series of cyber security roadshow events to help inform and educate businesses in the region. The next one is on Thursday 24th November 2016 at its headquarters in Totton.

UK healthcare: cyber attack focus

More than 113 million patient records were stolen from hospitals and healthcare facilities around the globe as a result of security failures and cyber-attacks in 2015.

With IBM’s Cyber Security Intelligence Index naming the healthcare industry as the number one attacked industry in 2015, it is no surprise that 41% of all security breaches reported to the UK’s Information Commissioner’s Office (ICO) year were from the health sector.

These attacks have not only damaged the reputation of healthcare organisations but also their bank balances. The ICO has issued 11 fines amounting to £1.4 million between April 2010 and November 2015, with one NHS trust fined £325,000 for the use of unencrypted devices.

Notable cyber-attacks and security breaches in the healthcare industry
In October 2016, North Lincolnshire and Goole NHS Foundation Trust (NLAG) had its systems infected with a virus that resulted in the cancellation of at least 35 patient operations, and other patients had to be relocated whilst the threat was dealt with.

In 2015
56 Dean Street, an NHS HIV clinic, released the email addresses of 781 patients while sending out its monthly newsletter. 730 of these addresses contained the full names of the recipients. The breach was an internal error that the ICO rewarded with a £180,000 fine.

NHS-approved online pharmacy company, Pharmacy2U, sold details of more than 20,000 of its customers to marketing companies without their knowledge or consent. This breach resulted in the ICO fining the pharmacy £130,000.

Why is the healthcare industry under attack?

Better technology and the move to paper-free healthcare allows health professionals to look up and share life-saving information wherever and whenever it is needed. This is vital in improving patient care but it has brought the industry into the sights of cyber criminals.

Personal confidential data is valuable to those with malicious intent, meaning that health and social care systems will increasingly be at risk from external threats and potential breaches as technology becomes more prevalent. This has been emphasised by Lynne Dunbrack, research vice president for the International Data Corporation (IDC): “Frankly, health care data is really valuable from a cyber-criminal standpoint. It could be 5, 10 or even 50 times more valuable than other forms of data.”

Reviewing data security for the health and care industry has found that internal breaches are often caused by people finding workarounds to burdensome processes and outdated technology – and that those people may be unaware of their responsibilities.

How to stop these attacks

Step 1: Cyber Essentials certification

Cyber Essentials is the UK-Government-backed security scheme that sets out five security controls that could prevent around 80% of basic cyber-attacks, improving cyber security and preserving the reputation of the healthcare industry.

Cyber Essentials certification also demonstrates to patients, suppliers and third parties that data security is being taken seriously. Amicus ITS works with CREST-approved cyber security organisations to ensure that your status has been independently verified by a third-party vulnerability scan.

Step 2: ISO 27001

ISO 27001 is the international standard that describes best practice for an Information Security Management System (ISMS). It encompasses people, processes and technology, recognising that information security within the healthcare industry is not about technology alone.

Step 3: Protect your perimeter

With threats and threat actors continuously evolving there is a real need for intelligent perimeter protection as well as innovation with password and identity management. At Amicus ITS we are happy to provide advice to help ensure your data is as secure as possible.

Amicus ITS’ specialist information governance and security division provides services to support NHS and public sector organisations. Our client base is substantial and includes corporations of all sizes. We believe our success in winning and retaining clients is due to Amicus ITS’ deep and ongoing understanding of N3 compliance requirements in the UK.