Seven UK cyber attacks and data breaches
Two big stories this month, both of which sadly illustrate how cyber criminals have targeted critical infrastructure. Firstly Advanced were attacked by a ransomware gang taking out a key tool used by NHS 111 services, and secondly South Staffordshire Water were also subjected to a ransomware attack.
The attack on Advanced knocked out several of their products, crucially including Adastra which is used by 85% of NHS 111 services to log calls and give over the phone medical advice. The attack was so devastating it took Advanced nearly 3 weeks to bring its systems back online, during which time, according to The Register, NHS 111 call handlers had to resort to pen and paper.
South Staffordshire Water suffered a similar ransomware attack on its infrastructure, though they were quick to explain that critical water services were not impacted. This particular incident was shrouded in confusion when Clop, the ransomware gang, originally mistakenly announced they had hacked into Thames Water. This was soon cleared up however by a statement from Thames Water.
Both these cyber attacks demonstrate not only a willingness, but also a clear strategic objective of cyber criminals to deliberately and cynically target critical infrastructure, and is very much a wake up call to businesses and organisations delivering such critical services. Sadly these attacks are likely to be on the rise as this precedent continues to be set.
In August the seven data breaches and cyber attacks were in the following sectors:
- Health & social care
- Real estate
- Technology, communication & media
- Retail & wholesale trade
- Food, drink & accommodation
- Professional & technical services
Bob Nicolson | Head of Consultancy