Part of my role at Here (Care Unbound Ltd.) included being part of the Cyber Security Response Team which involved being aware of current cyber security threats and respond accordingly. I was working the day of the 2017 WannaCry ransomeware attack and spent most of the day floor walking and liaising with our IT provider finding out the threat level and if any reports of WannaCry showing up on our computers. Luckily out IT Provider had taken all of our servers offline to protect our data, so if we did became infected our core data was safe.
Cyber Security threats happen everyday, mostly taking the form of an important email from an “IT provider”, with the body of the email trying to persuade the user perform an action, in the case below this was asking them to confirm they were still using their account at the treat their email account would be deleted if they didn’t.
I like to think that as an organisation our staff are quite good at spotting these attempts, but it only takes one weak link in the chain to throw all your planning and training out the window.
I recently watch a show on Netflix called America’s Book of Secrets the episode focused on the White House and the various features and its history. As the residence of the ‘most powerful person on earth’ there are a lot of hi-tech security mechanisms in place, for example, the air filtration system is so advanced it detected a spike in radiation in the air from a visitor who was receiving chemotherapy. However in 2009 U.S. state dinner security breach where an uninvited couple were able to gain access to the White House, mingle with foreign dignitaries and even have a photograph of themselves with President Obama.
The following investigation into how the couple were allowed entry determined that established protocols were not followed at an initial checkpoint. It was speculated that they were allowed access as they looked the part, the secret service probably had a lot of people to process, maybe the person checking assumed that the next person would deal with them, they may have been under pressure to keep the line moving or not wanting to cause as scene in front of the press.
With regards to the phishing email, NHS workers can be under pressure trying to complete a long list of tasks, deal with patients and tight deadlines and when an official looking/sounding email comes into their inbox warning them that their email account could be deleted you can sympathise with their slip of concentration, and with the example of the White House intruder, you could have the most up to date security technology and procedures but it takes one weak link, usually a human being, for it to all fall down.
To help keep cyber security in the minds of employees we have put up some posters from the National Cyber Security Centre with tips on staying safe online which we put up around the office in high footfall areas (mainly around the tea/coffee station).
Download the PDF or via the National Cyber Security Centre's website
Sometimes threats can come from inside, one of more, take down of the business by deleting all the blogs on JournalSpace. JournalSpace is a good example of not having the necessary back up in place to cope with a full loss of data, they did have a RAID set up but this was only mirroring the data on one disk and copied it to the other (redundancy), when if data was deleted on one disk it was deleted on the other, so in the case of JournalSpace, when the data was deleted on the server the ‘back-up’ deleted it as well.
Remember, backup and redundancy are two separate things, backups don’t provide real time protection, just the ability to restore the data in the event of fire, theft etc. as usually a backup is off site (usually in the cloud). Where as redundancy is the copying the data across multiple drives to allow a real time protection as when one drive fails the other takes over.
Photo by Matthew Henry on Unsplash