Ransomware Attack Against HSE is Followed by Weeks of IT System Failures and Threatening Demands by the Culprits
We may earn a small commission when you click or purchase an item using a link on this website.
The United Kingdom’s Health and Safety Executive (HSE) suffered a drastic cyberattack nearly two weeks ago that is still affecting health services in Ireland. HSE’s CEO estimates it will feasibly cost more than €100 million to recuperate networks, IT, and related resources that have been triggered by the attack. To make matters worse, the dreadful toll on IT health services was magnified when systems had to be intentionally shut down temporarily in order to limit the impact of the security breach.
It is believed the ransomware attackers had a goal to access data that was stored on the central servers. When HSE discovered they were under attack, it was recognized that ransom notes were attached to all the applicable data and files. In these notes, the attackers provided details instructing HSE representatives to log into a darknet chatroom and exchange messages with them. The attackers involved sent messages demanding $20 million and threatening to publicize the stolen data if the ransom was not paid.
The HSE has been working diligently with the National Cyber Security Centre as well as national and international experts (one of them being McAfee) to resolve and recover from this ransomware attack. HSE has also been coordinating with a private and non-affiliated health organization directly burdened by the attack, Mercy University Hospital in Cork, so they can cautiously get their computer systems back to normal. The aforementioned hospital actually had to initiate a ‘High Court injunction’ to prevent anyone from sharing stolen data from their IT system.
This unfortunate cyber incident has resulted in a number of impediments in the health services arena including tasks such as: setting appointments, accurately tracking Covid19 cases and deaths, and completing lab work. Furthermore, email systems, laptops, and other HSE devices have been out of reach for employees, thus disabling their power to carry out services. Despite the obstacles brought on by this deliberate act of malicious intent, HSE is hopeful that their progress will continue and that operations will gradually be restored.
Disable Your Smart TV’s Ability to Watch You
Smart TVs allow you to watch your favorite shows, stream content, and download your favorite apps. What you may not realize though, is that a smart tv’s constant connection to the internet makes it just as vulnerable to hacks as a computer or phone. Hackers might see or hear you.
To avoid becoming the victim of an intrusive smart tv hack, refer to the protection tips listed below:
- Cover the Camera – Find out where the camera on your tv is located and block it thoroughly with tape or another thick object. If you are having trouble locating the camera, go to a video app to see yourself and cover different areas until you are no longer visible.
- Check Settings – Secure yourself and your family by turning off microphone and camera permissions in your settings. There are specific privacy settings on numerous smart TVs that allow you to manage things such as data usage and ad generation.
- Be Aware – Know what the security and privacy policies are for your smart tv. Be sure you understand the data that the smart tv manufacturer or app designers are allowed to collect. A task as simple as reading a manual can provide insight regarding what type of unexpected personal information might be shared.
- Accept Updates – If your smart tv gives you the option to receive software updates, you should sign up for them to keep security features up to date.
- Change Password – Change generic passwords to a strong, personalized one that cannot be easily guessed or determined.
If the risk of your smart tv being hacked is not alarming enough, keep in mind that other devices connected to the same router may be targeted too. Reduce the threat of encountering a cyberattack on your smart tv by taking action now.
Recovery Guidelines For a Hacked PSN Account
You just received notice that your credit card has been charged for purchases made on your PlayStation account, only you never ordered anything. You know that you need to act fast but are unsure what to do. Guidelines are described below to help you recover your PlayStation Network (PSN) account after it has been compromised.
- Change Your Password: The first thing you always want to do after your account has been accessed by someone else without authorization is change your password. If you used your PSN password to protect other accounts they should be updated also.
- Use Two Step Verification: Adding a secondary verification feature will mean that you are required to enter a code in addition to your password when logging in. Even if a hacker has your password, he/she will not be able to get into your account once this is activated.
- Contact Sony: Contact Sony support quickly to alert them your account has been broken into by someone who you did not give permission to.
- Disable Cards: Reach out to your financial institutions to have all of your linked credit and debit cards disabled. Blocking access to your accounts will prevent hackers from illegally taking your money.
- Kick Hackers Out: Take advantage of Sony’s security option to kick out a hacker during the recovery process. See the below steps to do this:
- Once logged in, click ‘account settings’
- On the left side of the screen, click ‘security’
- At the bottom, click ‘sign out of all devices’
- Click ‘ok’ to confirm this step
While it seems unlikely that a hack into your gaming system account would lead to much loss, hackers are able to steal your personal information such as address and bank account numbers. It is imperative you take action right away to minimize a hacker’s success.
Securing Your VPN Server
Virtual Private Networks (VPNs) offer a great sense of security for individuals who need to connect to a system remotely. By using a VPN, a person can access an encrypted internet gateway without using his/her own private connection.
VPNs are known to be a secure method for entering databases from any desired location in alternative to traveling to the actual location where a computer is, like an office setting. Despite the positives though, VPN users still face security threats such as a personal device being accessed by a cybercriminal somehow.
To combat the risks associated with VPN use, refer to the below tips:
- Enforce Policies. Most data systems operating in a defined location have policies in place so that users can protect information. Transferring these policies to remote VPN users will remind them to take caution when using their devices. Developing and enforcing penalties for users who fail to abide by the policies will lead to increased compliance.
- Implement Strong Authentication. Authentication methods will vary for VPNs depending on its purpose, but using the strongest one available is the safest.
- Add Encryption. Adding encryption to your VPN will strengthen its defense against cybercrimes.
- Set Access Limitations. Limiting access to only the individuals who have a legitimate need to see and use particular data will allow easier monitoring. This will also lower the chances of information being exploited through a personal device.
- Include Other Features. If features are available that allow tasks to be done without connecting to the VPN, they should be utilized to reduce unnecessary access.
- Require Additional Protection. Require that VPN users install extra layers of protection to their devices such as firewall and antivirus software.
VPN servers can easily become the target of a cyberattack. Follow the tips listed above to avoid the consequences of having a vulnerable server.