NHS and Cisco among latest high-profile cybercrime victims

by | Aug 18, 2022 | Thought leadership

The ongoing disruption caused by the recent ransomware attack on the NHS raises serious – and familiar – concerns. According to reporting by the BBC, disruption to NHS 111 services “targeted the system used to refer patients for care, including ambulances being dispatched, out-of-hours appointment bookings and emergency prescriptions.”

 

The attack, which targeted an NHS Managed Services Provider (MSP), is likely to be a “ransomware or data extortion attack,” according to BleepingComputer and could take weeks to fix. The incident is also being investigated for potential data theft, with media reports raising concerns that stolen patient details could be used as “leverage” by the cybercriminals behind the attack.

At almost the same time, Cisco confirmed news of its own serious incident after a ransomware group published a “partial list of files it claims to have exfiltrated,” according to reporting from Forbes. This breach, which took place in late May but was only recently reported, is thought to have resulted in the theft of 2.8GB of data. According to The Register, “an employee’s personal Google account was compromised,” and the attacker “did manage to spend some time inside Cisco’s IT.”

A Cisco statement said the company “did not identify any impact to our business as a result of this incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations.” However, the breach is a significant embarrassment to the networking giant – one of the world’s biggest tech companies with annual revenues of nearly $50 billion.

 

How to prevent cyberattacks

The solution to fending off cyberattacks at both an individual and company level is twofold: training and technology. Training will arm employees to be alert to risks and follow best practices. This can be as simple as using strong passwords and multi-factor authentication, not opening links and/or attachments from unfamiliar sources.

On the technology side, taking a proactive, zero-trust (never trust/always verify) approach when it comes to security can protect organizations and their customers. Having these measures in place is more efficient than using employees as an organization’s first line of defense. By combining training and technology, individual, company, and client data privacy is significantly more achievable for organizations around the globe.

As reports of ransomware and other serious vulnerabilities, such as those affecting Cisco, continue to surface, organizations need proactive protection against a wide range of risks, including those exploited in the distribution of files and documents containing malware and ransomware. These cybersecurity blindspots can remain active and undetected for up to 18 days until antivirus technologies are updated to mitigate the risk.

During that window of vulnerability, unprotected infrastructure remains open to attack and as a result, zero-day exploits have become a preferred way for cybercriminals and nation-state hackers to gain access to networks or deliver malware.

What’s more, one of the major challenges presented by file-based malware is that approximately 1 in every 100,000 files contain malicious content. Almost all of these (98%) are unknown to antivirus solutions when they are released – effectively making these risks invisible to reactive cybersecurity technologies.

Instead, security teams need to be given advanced tools, so they can take a proactive posture to the risks posed by files.

Glasswall takes a proactive approach to file-based threats – our Content Disarm and Reconstruction (CDR) technology identifies and cleans risky, file-based threats from all files – minimizing downtime and disruption often caused by traditional antivirus or sandboxing solutions.

Read more about how Glasswall CDR works

Related

What is Glasswall CDR?

Embedded Engine

CDR Platform

Solutions

REST APIs

Email Security

Threat Intelligence

Plug-ins

CDS Plug-in

ICAP Plug-in

Menlo Plug-in

Palo Alto Plug-in

apps

Apps

Clean Room

Desktop

Why CDR?

We believe people should be free to open their files without fear. Glasswall CDR takes a proactive approach to automatically remove all Zero-day threats from files, without sacrificing productivity.

Use Cases

Secure Email

File Uploads and Downloads

Malware Risk Removal

Metadata Removal

Cybersecurity Crisis Response

Cybersecurity Crisis Prevention

Cloud Native Integrations

Data Migrations

SDK Integration

Resource Library

Blog

Events

support lines

Support

Glasswall CDR Portfolio

Reactive cybersecurity is failing - it’s time for a better way. Traditional detection-based security methods play catch up with new threats. Find out how your organization can take a proactive approach to cybersecurity.

strategic alliances

About our Partner Program

Our Partners

Become a Partner

Bringing File-based threat protection to your customers

Offer a richer security portfolio with the most agile CDR platform on the market. Stand out from the competition with a partner program built for you. Let’s make files safer together.

About Glasswall

Our People

Careers

communication

Contact Us

support lines

Support

Raising the bar on file security

We believe people should be free to open their files without fear. To click on anything without risk of catastrophe. To use systems the way they were meant to be used. That’s why we’re raising the bar on file security at Glasswall.