Archive | July 2019

Stay in the security picture and avoid the ransomware revival

Everyone loves a sequel – just look at how well the latest Toy Story instalment is performing at the box offices. But there’s one sequel that we could all do without: Ransomware 2. It’s back, and like the best horror movie villains, it’s nastier and bolder than ever before.

Ransomware 2 has already claimed a number of high-profile victims. At the end of June, two US cities paid around $500,000 each to get files and data unlocked following successful attacks. The bill for Norsk Hydro, a global aluminium producer, was even higher. It didn’t pay the ransom, but it still paid the price.

The entire workforce had to resort to pen and paper when ransomware took hold across 22,000 computers in 40 different countries – Norsk Hydro is still recovering nearly three months later. On average, a ransomware attack results in seven days of downtime.

Although the Norsk Hydro’s tough stance has boosted its reputation; it’s also damaged its bottom line – the cost of the attack has already topped £45 million. The company is not the first to end up with a multi-million dollar bill: the Baltimore City government was hit with a massive ransomware attack that left it crippled for over a month, with a loss value of more than $18 million.

The resurgence of ransomware is not surprising – it’s a proven business model and a repeatable one. It works not only at an enterprise level but a personal level too. Individuals can be just as willing to pay a ransom to unlock personal data, such as family photos and financial files, if they are the targeted by an attack.

So how do you avoid joining the ransomware ranks? Although ransomware is powered by malicious software, it still needs human interaction to succeed. Just one click on a spam email or an infected ad is all it needs for a ransomware attack to be initiated. Even a visit to a legitimate website can land you in trouble, if the site is infected with code installed to redirect users to a malicious website.

Better user education can help prevent ransomware being unleashed – whether it’s on a home device or a business computer – but it will never completely eliminate the risk. So organisations need to be ready to fight back when the ransomware ball starts rolling, which means they need robust protection from the DNS layer to the email and the endpoint.

Blocking spam and phishing emails along with malicious attachments and URLs is an important first step. But the need to balance employee flexibility with IT security means the net can never be fully closed.

Even if someone clicks on a malicious link or file, organisations can still supress an attack. If ransomware can’t connect back to the mothership, it can’t be activated.

With thousands of DNS requests being initiated across an enterprise every day, detecting which ones are genuine and which are malicious requires highly sophisticated technology. Instead of proxying all web traffic, intelligent ransomware defence solutions will route requests to risky domains for deeper URL and file inspection. They will also be able to draw  on contextual security to identify unusual and potentially unsafe requests from individual endpoints.

These insights enable IT teams to make quick risk judgements that block threats without blocking genuine business activity. With new risks emerging all the time, ransomware defence solutions need to receive constant updates on the latest sources of malicious content.

If the call back to a command and control server is successful, there are still ways to contain a ransomware attack before it proliferates across an entire organisation. For example, dynamic segmentation can prevent ransomware from travelling across the network – helping to avoid a full-scale outage as experienced by Norsk Hydro.

By taking a layered approach to security, organisations and individuals can mount multiple defences against ransomware whether it’s launched via the web or email. And they will need every one of these defences because Ransomware 2 looks like it’s going to be a blockbuster. Ransomware damages are predicted to reach $11.5 billion in 2019.

Stay safe until next time.

Colin Williams

Business Line CTO Computacenter UK – Networking and Security

https://www.coveware.com/blog/2019/4/15/ransom-amounts-rise-90-in-q1-as-ryuk-ransomware-increases

https://cybersecurityventures.com/ransomware-damage-report-2017-part-2/

IT modernisation is just what the doctor ordered

Chris Price, Computacenter’s Public Sector Director, explores how the NHS can deliver better outcomes by adopting new technologies and digital processes

I recently used an online company to do a finger-prick blood test instead of going to see an NHS phlebotomist and was amazed by the speed and ease of the service. It’s a good illustration of how the NHS could – and should – be evolving to improve the patient experience.

The potential for transformation in the healthcare sector is huge: patients want it, frontline staff want it, and NHS leaders want it. Health Secretary Matt Hancock is a real technology advocate and aims to make the NHS the most cutting-edge in the world. And a Computacenter survey of more than 100 IT professionals across NHS trusts backs this up. The demand for new technology is high, with a wide-ranging wish list: for example 30% of respondents want to implement tablet devices in the next 12 months, providing technology at the point of patient care.

But implementing and transforming technology needs financial resources – with many trusts claiming that budget constraints are the prime reason for their inability to upgrade ageing IT infrastructure.

With the current political turmoil, it is likely that modernisation of the NHS will take a back seat. But we can’t afford to neglect this: to deliver better patient outcomes and value for money, we have to push the digital roadmap forward. Computacenter is playing its part by working with NHS Digital and individual trusts to not only accelerate the adoption of new technologies but also to maximise benefits realisation.

Investing in the future

Greater digitalisation will require new skills, new processes, and new policies. Navigating this new landscape will not be easy: as well as highlighting a lack of budget and resources, our survey revealed that some IT system upgrades are not pursued as they are just too complicated.

Security will be a key priority – both at a national and a local level – as healthcare data becomes digital. As part of our work with NHS Digital, we have deployed a network analytics solution that will help to identify patterns of potential threats across the NHS Digital Health and Social Care Network.

NHS organisations will need to develop new skills to aid the implementation, optimisation and management of these and other new technologies.

At Computacenter, we are committed to investing in future talent both within our business and beyond. Each year we employ in excess of 100 young people across a number of different technical and business programmes to give them a springboard into a career in the tech industry. We also promote school and university outreach to show students the opportunities that can arise from working with technology. We are delighted that these efforts have been recognised; Computacenter recently won an award for the best medium-sized organisation’s undergraduate industrial placement programme.

The transformation of NHS IT is critical to the future of healthcare delivery and enabling a more preventative approach: modernising IT is the top priority in 2019 for our survey respondents. The government has already recognised the importance of technology and now is the time to step up its commitment.

The NHS faces unprecedented financial and operational challenges, and patient care is suffering despite the determined efforts of frontline staff. We want to help the NHS with its needs of today and also prepare it for the digital opportunities of tomorrow.

When it comes to health, a better experience is important for all of us: the quicker patients and clinicians receive information, the quicker they can take action to improve wellbeing. Receiving that blood test result so promptly meant I could make more informed decisions and catch any small health issues before they become big health issues. With the right technology, this can all be done in my time and without consuming valuable resources at the local GP surgery!

Find out more about Computacenter’s work in the public sector.