NO patient data in Scotland has been compromised as a result of Friday’s unprecedented worldwide ransomware attack, according to the health minister.
Shona Robison was speaking after a meeting of the Scottish Government’s resilience operation yesterday, which heard there had been no spike in incidents affecting Scotland since organisations returned to work yesterday morning.
NHS systems were largely impacted in the attack in Scotland and across the UK, and the meeting heard that health boards had put extra teams in place to support staff returning to work.
But only around one per cent of computers in the NHS in Scotland were affected, and work has been ongoing to recover the systems.
The Scottish Government wrote to all NHS boards in February reminding them of the importance of cyber security, and asking them to review the resilience of their systems and backup procedures.
Robison is expected to make a Parliamentary statement today. After yesterday’s meeting she said: “Systems are returning to normal today and I would like to thank NHS staff for their hard work over the weekend.
“It is important to emphasise that patient safety is paramount and there is no evidence that patient data has been compromised.
“However Friday’s attack has highlighted the need for everyone to have appropriate and robust measures in place to protect against cyber-attacks which could strike any IT system at any time.”
Robison added: “Police Scotland are investigating the attack, working closely with the National Crime Agency which is leading the UK-wide law enforcement investigative response. Subject to approval, I will update Parliament on the latest situation tomorrow.”
Meanwhile, a United Nations cyber security expert has said that law enforcement agencies might be able to track down the hackers behind the ransomware attack through the digital currency Bitcoin.
Neil Walsh, UN head of global cyber-crime, said that while such attacks have been occurring for some time, he has never seen one on such a large scale.
He added that those behind the hit will likely be feeling nervous by the global attention.
Walsh said the UN has been warning for a number of years that ransomware is one of the biggest threats to businesses.
He warned it is now a wake-up call for all governments and law enforcement agencies to work together to prevent further crippling attacks.
Speaking from his office in Vienna, Walsh, who is originally from Northern Ireland, said there are a lot of investigative opportunities around Bitcoin for law enforcement to track down the ransomware hackers.
Bitcoin is a virtual currency created in 2009 by an unknown person using the alias Satoshi Nakamoto and is being increasingly used to move criminal proceeds.
The United Nations Office on Drugs and Crime (UNODC) teaches investigators and prosecutors around the world how to track a Bitcoin transaction online, even if people are trying to hide it or anonymise it.
Walsh said: “When you demand a ransom, you have to get that money back. If you can’t cash that value or turn it into something, then it doesn’t do anything for your criminal business model.
“In the past month alone we have trained investigators and prosecutors in over 40 countries on how to investigate Bitcoin transactions and how to link those transactions to find an individual or entity.
“So, that is the risk (for the hackers) if they start to get payments coming back. It gives us opportunities to investigate and identify.”
He added that due to the notoriety of the cyber-hit, those responsible for it would be feeling nervous about being identified.
Walsh said: “If I was the person or persons who had sent this and you hit over 100 countries and you hit big players – the US, Russia, China, the UK – I’d be nervous.”
_______________________________________________________________
Don’t be left crying in the dark when your computer gives up the ghost
THE target machines for the WannaCry ransomware attack were primarily those running Windows XP software – an operating system (OS) released in 2001 which was one of the most commonly used in that decade.
Microsoft stopped supporting it three years ago, which meant it no longer issued updates – fixes – leaving it exposed to new (and not-so-new) methods of hacking.
If you still use XP you should upgrade to a more recent system, which will help to secure your computer. Microsoft’s current OS is Windows 10, but two slightly older versions, Windows 8.1 and Windows 7, are still available.
The hackers involved in this attack used a technique described in leaked files from the US National Security Agency (NSA) to spread the ransomware by exploiting XP’s weaknesses.
One piece of advice that can’t be overlooked is upgrading whatever system you use to its latest version, which means downloading and installing security fixes as they become available.
If you have been affected this time round, all may not be lost – if you’ve taken the precaution of backing up your files.
Many people, especially those who use their machines for business, carry out such backups on a daily basis preferably on a separate drive or USB stick, which should be disconnected from your device once the backup is complete.
Cloud storage is increasingly common these days with Google, iCloud and Amazon among the market’s top players. Speed and security used to be issues for such storage, but with the prevalence of high-speed communications, these are less so.
In fact, storing your data in the cloud gives you something less to worry about – the big players have deeper pockets and huge reputations to maintain, so it could be an option.
We hear constant warnings about “suspicious” emails and what not to do with them, but it’s worth remembering that a common ploy for hackers and malware distributors is to hack a target machine’s address book and send emails to all the stored contacts, so the suspicious email might actually appear to come from a friendly source.
Avoid anything you are not expecting is a far more secure thought when considering your emails.
Some email programs can help you identify rogue emails.
If for instance, you have a mail purporting to come from your bank or utility company, if you hover the cursor over the address it has come from, they open a window with the whole address line, which will let you know where it has actually come from.
Email and other accounts are frequently hacked because of weak passwords or those that people use on several sites they visit.
There’s no shortage of advice on creating a strong password using numbers, letters, symbols and upper and lower case characters, but if this turns your brain to mush, you can think about password generators or even managers.
Do something though, you don’t even have to spend money to download a perfectly adequate security suite that will scan incoming emails, give you a firewall and stop malware.
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here