Public infrastructure bodies have never been more vulnerable to cyber threats.
Cyber security firm SentinelOne discovered that 23 out of the 58 UK universities questioned had been held to ransomware.
Bournemouth University, which has its own cyber security centre, was hit 21 times this last year.
The university, however, remains relatively cavalier despite the cyber threat bombardment: “It is not uncommon for universities to be the target of cyber security attacks; there are security processes in place at Bournemouth University to deal with these types of incident.”
SentinelOne revealed in the report that only one university had contacted the police.
This is the problem with public and private infrastructures. If there is no collaboration, or a remain-silent-attitude – out of embarrassment or fear – the increasing problem of cyber attacks will never be reduced.
Of equal proportion, 28 NHS Trusts said they had been affected by ransomware, according to security firm NCC Group.
It asked every NHS Trust in England whether it had been a victim of ransomware, and of the 60 responses, 28 said they had experienced an attack, one said it had not and 31 declined to comment on the grounds of patient confidentiality.
“Paying the ransom – which isn’t something we would advise – can cost significant sums of money, yet losing patient data would be a nightmare scenario for an NHS Trust,” said Ollie Whitehouse, technical director at NCC Group.
>See also: How to minimise the impact of ransomware
Ransomware attacks are on the rise, with America reporting a 4,000 ransomware incidents a day, an increase of 300% year on year in 2016.
Public sectors – like hospitals and schools – are at the highest risk because they have the largest amount of data, and because they have the largest amount of data and people using their servers, it is more difficult to distinguish harmful ransomware and malware.
Public sector solutions
The US Government suggests that “prevention is the most effective defense against ransomware”.
These include implementing an awareness and training program – because end users are targets – and enabling strong spam filters to prevent phishing emails from reaching the end users.
In the UK this has been put into practice at NHS Greater Manchester Shared Services (GMSS).
NHS GMSS is using Bomgar Remote Support to provide secure and efficient support to its vital healthcare system.
>See also: The (2nd) year of the healthcare hack
“We wanted to standardise on a single solution that gave us all the capabilities we needed, but was also highly secure. After evaluating the many solutions; Bomgar stood out as the right choice,” said Grant Taylor, service desk officer for NHS GMSS.
Security was a critical reason NHS GMSS chose to standardise on Bomgar, according to Taylor: “Working with healthcare practitioners, we handle large volumes of sensitive patient data every day.”
“Ensuring the security of that data was of primary importance in choosing a remote support solution.”
Third-party remote solutions may hold the key to protecting public infrastructure systems from future cyber attacks in the form of ransomware and malware.