NHS Scotland has allegedly had 3TB of data stolen
March 2024 by Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions
This morning, outlets are reporting on the cyberattack on NHS Scotland, allegedly by INC Ransom. The attack has resulted in 3 terabytes of stolen information- including hospital reports, email conversations, clinical reports, document scans, and other sensitive information from various Scotland-based healthcare institutions. The commentary from Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity discussing the incident.
"This latest cyberattack on NHS Scotland and the proposed leaking of a vast 3TB of extremely sensitive data is appalling, but sadly unsurprising, given healthcare is a common target for cybercriminals. As medical facilities’ services are essential and often cannot be disrupted without severe risk to patients, the industry is very much in the crosshairs of cybercrime and therefore requires strong cyber resilience strategies to limit outages, preserve continuity of patient care and prevent sensitive data loss.
This attack is posing massive risks to patient privacy, operations, and public trust in the healthcare infrastructure. NHS Scotland are rightfully conducting a thorough investigation to determine the extent of the breach, to identify vulnerabilities in its systems, and take immediate steps to prevent further unauthorised access. They should prioritise improving their cybersecurity infrastructure with advanced threat detection mechanisms. They should securely back up their data, so systems can be quickly restored, but they must ensure the backups are protected with encryption to prevent data loss through this mechanism. Other best practices include implementing cybersecurity technology such as email filtering, anti-virus protection, strong password policies and multi-factor authentication. Also, security awareness training should be implemented for staff from day one, ensuring they are vigilant in scrutinising the types of emails, messages and phone calls they receive.
It is incredibly important to adopt a multi-layered approach when it comes to a cyber defence strategy. In fact, we found in our 2023 OpenText Cybersecurity Threat Report that doing so is core to cybersecurity and cyber resilience. Ultimately, the more processes, tools, and systems an organisation has in place to protect and recover data , the less likely an attack will succeed.
This attack underscores the need for collaboration between public healthcare, their infrastructure and technology providers to work on a robust strategy to improve defences."