Phishing attacks in the NHS:
As the NHS receives 30,000 malicious emails at height of COVID-19, the need to remain proactive in defence is clear
Freedom of Information (FoI) data shows cyber criminals targeting NHS employees in the middle of the pandemic
A recent FoI request from the think tank Parliament Street has shown that the NHS was targeted by cyber criminals at the height of the COVID-19 pandemic. In line with other healthcare organisations, the NHS seems to have been deliberately targeted by those who thought that staff would be distracted and less careful with their cyber defences.
The data from NHS Digital showed that the NHS received nearly 30,000 malicious emails in March and April 2020.
A total of 21,188 malicious emails were reported to the official NHSmail reporting address between 1 and 31 March and 8,085 during April, before reports began to decline, with 5,883 in May, 6,468 in June and 1,484 in the first two weeks of July.
Of course, the true number of malicious emails may well be a great deal higher, since Trusts may not report every case and some emails are never picked up, but the FoI highlights that criminals actively target organisations when they are perceived to be at their weakest.
Anti-phishing solutions: Organisations have to take a proactive approach to defence
Organisations have to take a proactive approach to defence and ensure that their employees are educated as to what the threats look like and how to deal with them, as AJ Thompson, CCO at Northdoor, explains.
“This FoI probably confirms what many people have been concerned about for some time. We have seen evidence throughout the period of the pandemic of criminals attacking organisations that are focused on creating a vaccine or helping those who have been infected and therefore perceived to be distracted.
“This firstly gives us an impression of the type of people we are dealing with, but also the importance of organisations being as secure as possible. The key here is to be proactive in defence. The nature of the pandemic means that many of the staff being targeted are dispersed and outside of the normal security walls. Add to this the fact that criminals are using increasingly sophisticated methods to gain access to data and infrastructure; organisations must be on their toes.
“Identifying areas of potential vulnerabilities in their systems whilst educating staff as to what the threats look like is the key to remaining secure. This FoI seems to have shown that there has been an increase in the number of threats being reported by staff, meaning that the education of staff seems to be working. However, just as the criminal is constantly changing the way they access systems, so organisations have to remain proactive and aware of the latest threats, the vulnerabilities in their systems and those of their supply chain partners, and ensuring that staff are bought into the importance of remaining secure,” concluded Thompson.