NHS Dumfries & Galloway hackers unlikely to be convicted

[Pelican Press 0]

This is the hidden content, please

• Sign In
• or
• Sign Up

NHS Dumfries & Galloway hackers unlikely to be convicted

data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///ywAAAAAAQABAAACAUwAOw==BBC

Global hackers who attacked a Scottish health board are unlikely to end up in court but could face sanctions and the dismantling of their ********* network, police said.

Earlier this year, a group called INC Ransom stole 3TB (terabytes) of data from NHS Dumfries and Galloway, including confidential information on patients and staff.

The group, who are suspected to be Russian, demanded a ransom then published the data on the internet when it was not paid.

Speaking about the case for the first time, the Police Scotland detective in charge of the inquiry acknowledged that “a ********* justice outcome” was unlikely.

data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///ywAAAAAAQABAAACAUwAOw==data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///ywAAAAAAQABAAACAUwAOw==

Det Ch Insp MacLean conceded getting anyone from the INC Ransom group into a Scottish court would be challenging

But Det Ch Insp Andy MacLean said the force hoped to repeat the success of other international operations, such as the one which disrupted Lockbit,

This is the hidden content, please

• Sign In
• or
• Sign Up

.

The ******* on NHS Dumfries and Galloway in February involved the theft of millions of pieces of data, mostly small individual files such as x-rays, test results and correspondence.

The health board warned its patients they should assume that data relating to them had been copied and published.

People were advised to be vigilant against ****** and identity theft and to report any suspicious activity to police.

More than five months after the initial security breach, no-one has come forward to say their data has been misused, backing up a cyber-****** expert who said the ******* was unlikely to cause “actual harm.”

But it ******** one of the most serious cyber attacks to date in Scotland and the group involved has been linked to other *** incidents.

data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///ywAAAAAAQABAAACAUwAOw==data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///ywAAAAAAQABAAACAUwAOw==Getty Images

Det Ch Insp MacLean said NHS Dumfries and Galloway had been able to recover “really well” since the *******.

He added: “The biggest threat is the vulnerability of that data being exploited now, and how that makes their patients feel.”

Asked how the ******* had been carried out, the senior detective declined to provide details but said the most common “intrusion method” was a phishing campaign.

This is where members of staff are sent emails containing links which, if clicked on, allow the hackers to access their target’s IT system.

NHS Dumfries and Galloway said an external audit before the ******* found its systems were “very secure”.

But Det Ch Insp MacLean warned: “If you’ve got an ironclad guarantee one day that you’ve got a really secure set-up, one of your staff could click on a phishing email the very next day that mitigates all that good work.

“It is a really challenging area for security for organisations.”

‘Heinous ******’

A multi-agency investigation is under way, involving Police Scotland, the ***’s National ****** Agency (NCA) and the National Cyber Security Centre, which is part of the ***’s spy agency, GCHQ.

In February, an international inquiry led by the NCA infiltrated and took control of systems belonging to a ransomware group called Lockbit.

Sanctions against the group’s alleged leader were announced and the

This is the hidden content, please

• Sign In
• or
• Sign Up

reward leading to his arrest and/or conviction.

Det Ch Insp MacLean said in recent years Police Scotland had identified individuals based in Scotland who had been responsible for ransomware attacks.

The force has also provided information which has led to action against cyber ********** in Spain, the Netherlands, Belgium and the US.

But he acknowledged that getting anyone from INC Ransom into a Scottish court would be challenging.

“In lieu of that, we will try everything to identify their infrastructure, identify them, take any measures to stop them committing these ******* and take them to task for what they’ve done,” he said.

“Sanctions are becoming more common the more we identify these people.

“These individuals know they’re targeting health boards across the globe, they know the impact it’s going to have. It’s absolutely horrendous. It’s a heinous ******.”

Police Scotland said it received between 40 to 50 reports of cyber attacks every year.

Victims have ranged from charities and small businesses to a global company headquartered in Scotland.

Psychological impact

Det Ch Insp MacLean said the vast majority made the attacks public but some chose not to do so after taking legal advice.

One company even asked Police Scotland to sign a non-disclosure agreement.

“We know cyber-****** is under-reported within Scotland, within the *** and worldwide, because companies have got the victim perspective and they don’t want to be re-victimised in the media or by their customers knowing about it,” the detective said.

“If it happens in Scotland, come and speak to us, we’ll investigate, we’ll support you the best we can, and we’ll give you advice that’ll help you in the early days.”

The officer said the psychological impact of a cyber ******* could be devastating.

And said he had witnessed people “ageing three or four years in three or four weeks” because of the stress.

Det Ch Insp MacLean urged companies and organisations should draw up a cyber incident response plan, print it out and keep it somewhere safe.

That way they will know what to do – even if they are locked out of their IT system.

He added: “Prevention is the absolute key.

“Be prepared for these attacks. It’s not if, it’s when.”

This is the hidden content, please

• Sign In
• or
• Sign Up

#NHS #Dumfries #Galloway #hackers #convicted

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up