Author: Cahal Milmo / Source: iNews
Johnston Press Investigations: Cahal Milmo, Aasma Day, Don Mort, Chris Burn, Ruby Kitchen, Paul Lynch, Oli Poole, Gavin Ledwith, Ben Fishwick, Philip Bradfield and Deborah Punshon
The computer systems of dozens of public bodies from hospitals and councils to museums and watchdogs have been breached more than 400 times in the last three years by cyber criminals seeking to extort money, cause disruption or extract data, the i can reveal.
The ability of hackers to provoke chaos in Britain’s public sector was confirmed in alarming fashion in May when the WannaCry data-encryption ransomware attack struck hospitals across the UK, forcing the cancellation of thousands of operations and appointments.
“These people targeted the NHS because they wanted to cause maximum danger and disruption to people’s lives. These individuals had murderous intent. These are not lovable rogues – they want money.”
Dr Tim Owen, director of the University of Central Lancashire’s Cyber Crime Research Unit
But data obtained under Freedom of Information rules by the i and Johnston Press Investigations can reveal for the first time the full extent to which the cyber defences of Britain’s public bodies are being penetrated on a regular basis.
Between March 2014 and April this year there were 424 successful attacks, mostly using ransomware, on the computer systems of 182 NHS bodies, local authorities and other public bodies. A total of 111 UK councils reported 256 ransomware incidents.
These incidents, the vast majority of which have not been previously made public, range from the blocking hospital websites for months at a time to the encryption of 20,000 adult social care records at an English local authority.
Despite such attacks being criminal acts, many are going unreported to the police or are undetected when they are reported. Nine health service trusts and several councils confirmed that they had not reported successful breaches of their security systems to law enforcement while one NHS trust said it had been told by police that an attacker had been found to be outside the European Union and therefore no further action was taken.
One leading expert told i that hackers were targeting with the NHS with “murderous intent” in the full knowledge that attacking the computer systems of hospitals put lives at risk.
The investigation also shows that the WannaCry attack, which affected 47 NHS trusts in England and Wales and 11 NHS boards in Scotland, was preceded by more than 50 other successful cyber attacks on the health service. They ranged from denial of service attacks and the defacing or blocking of websites to 36 ransomware incidents at 17 hospitals where data was encrypted and users received a demand for payment to secure its return.
No data stolen
In keeping with government policy on ransomware attacks, none of the NHS trusts, councils or other public bodies whose systems were breached paid for the release of the data and all insisted that no data was stolen.
The investigation revealed one incident in which a ransom had been paid. Queen’s University Belfast told JP Investigations that it was aware of an incident in which…
Click here to read more