Opening Of Email Attachment Led To HSE Cyber Attack, Report Finds

By   ISBuzz Team
Writer , Information Security Buzz | Dec 13, 2021 03:11 am PST

The opening of a malicious Microsoft Excel file attached to a phishing email led to the cyber attack that crippled the national health service earlier this year, according to a report on the incident published on Friday. The file was opened at a HSE workstation on March 18th, with the email having been sent to the “patient zero workstation” two days’ earlier. Over the coming eight weeks a number of “alerts” were raised within the health service that the IT system might be compromised, but the significance of the alerts was not identified at the time.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Javvad Malik
Javvad Malik , Security Awareness Advocate
December 13, 2021 11:12 am

<p>One click can be all it takes to bring down an organisation. We\’ve seen this kind of thing occur with increasing frequency where an email bypassed mail filters and gateway controls and made it into a user\’s inbox, from where it was clicked and executed. Even where alerts were raised by detection tools, these were often ignored or buried in a haystack of alerts. </p>
<p>It reinforces the need to include users as part of the security process by investing in robust security awareness and training to build a culture of security. In doing so, not only can employees be more effective in spotting suspicious emails, but they can report any issues that may have occurred or is suspected to have occurred.</p>

Last edited 2 years ago by Javvad Malik
Jamie Akhtar
Jamie Akhtar , CEO and Co-founder
December 13, 2021 11:12 am

<p>This attack illustrates perfectly how vulnerable large, distributed organisations and supply chains are to phishing attacks. We’re seeing cybercriminals increasingly target these kinds of organisations (particularly healthcare) due to the large number of ‘weak links’ within their cyber defences or supply chain. </p>
<p>Organisations like the HSE often use thousands of devices, including personal laptops and smartphones and it only takes one to be compromised for a system-wide breach. To counter this, organisations need to take steps to protect every employee device that touches their data, no matter how infrequently or casually.</p>

Last edited 2 years ago by Jamie Akhtar

Recent Posts

Would love your thoughts, please comment.x