Opening Of Email Attachment Led To HSE Cyber Attack, Report Finds

The opening of a malicious Microsoft Excel file attached to a phishing email led to the cyber attack that crippled the national health service earlier this year, according to a report on the incident published on Friday. The file was opened at a HSE workstation on March 18th, with the email having been sent to the “patient zero workstation” two days’ earlier. Over the coming eight weeks a number of “alerts” were raised within the health service that the IT system might be compromised, but the significance of the alerts was not identified at the time.

Experts Comments

December 13, 2021
Javvad Malik
Security Awareness Advocate
KnowBe4

One click can be all it takes to bring down an organisation. We've seen this kind of thing occur with increasing frequency where an email bypassed mail filters and gateway controls and made it into a user's inbox, from where it was clicked and executed. Even where alerts were raised by detection tools, these were often ignored or buried in a haystack of alerts. 

It reinforces the need to include users as part of the security process by investing in robust security awareness and training to

.....Read More

One click can be all it takes to bring down an organisation. We've seen this kind of thing occur with increasing frequency where an email bypassed mail filters and gateway controls and made it into a user's inbox, from where it was clicked and executed. Even where alerts were raised by detection tools, these were often ignored or buried in a haystack of alerts. 

It reinforces the need to include users as part of the security process by investing in robust security awareness and training to build a culture of security. In doing so, not only can employees be more effective in spotting suspicious emails, but they can report any issues that may have occurred or is suspected to have occurred.

  Read Less
December 13, 2021
Jamie Akhtar
CEO and Co-founder
CyberSmart

This attack illustrates perfectly how vulnerable large, distributed organisations and supply chains are to phishing attacks. We’re seeing cybercriminals increasingly target these kinds of organisations (particularly healthcare) due to the large number of ‘weak links’ within their cyber defences or supply chain. 

Organisations like the HSE often use thousands of devices, including personal laptops and smartphones and it only takes one to be compromised for a system-wide breach. To counter this,

.....Read More

This attack illustrates perfectly how vulnerable large, distributed organisations and supply chains are to phishing attacks. We’re seeing cybercriminals increasingly target these kinds of organisations (particularly healthcare) due to the large number of ‘weak links’ within their cyber defences or supply chain. 

Organisations like the HSE often use thousands of devices, including personal laptops and smartphones and it only takes one to be compromised for a system-wide breach. To counter this, organisations need to take steps to protect every employee device that touches their data, no matter how infrequently or casually.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.