Latest news with #EclecticIQ
Yahoo
2 days ago
- Health
- Yahoo
Chinese state accused of hacking NHS hospitals
Chinese cyber criminals have been accused of targeting two NHS hospitals as part of an alleged espionage campaign orchestrated by Beijing. An urgent NHS investigation has been launched into data breaches at University College Hospital and University Hospital Southampton, which took place earlier this month. Cyber security experts at intelligence firm EclecticIQ have said that the hackers responsible are linked to a group in China tasked with intelligence gathering They discovered that the group has conducted a string of attacks across the world, potentially targeting hospitals, local authorities and businesses in countries such as Japan, Germany and the US. Cody Barrow, chief executive of EclecticIQ and a former US intelligence official, said it had discovered 'credible and urgent indicators' that the NHS hospitals had been 'compromised by cyber attackers'. He said his firm had evidence that 'malicious actors' had breached both hospitals by exploiting software provided by tech company Ivanti, which is used to manage mobile devices connected to a broader network. Earlier this month, Ivanti confirmed that it had uncovered a 'very limited number of customers whose solution has been exploited'. NHS England said there was 'currently no evidence to suggest patient data has been accessed' and that no frontline services had been affected. A spokesman said: 'We are currently investigating this potential incident with cyber security partners, including the National Cyber Security Centre, and the trusts mentioned.' However, a spokesman for University College Hospital told Digital Health News that some staff mobile phone numbers may have been stolen. Affected employees are now being contacted. EclecticIQ said it had uncovered data that suggested the hacks had originated in China, linked to a group it believed was 'targeting high-value individuals within public institutions, including government agencies, or in the private sector'. The news comes after John Healey, the Defence Secretary, announced plans to spend more than £1bn on cyber defence and artificial intelligence. This will include a new Cyber and Electromagnetic Command, which will seek to fight enemies online. It is not the first time that the NHS has been targeted by cyber attackers. In 2017, a cyber attack originating from North Korea devastated NHS IT systems and cost tens of millions of pounds. Last year, Synnovis, a business that provided diagnostic services to the NHS, was also hacked, disrupting more than 10,000 appointments and more than 1,700 elective procedures. NHS data has revealed it also led to at least two cases of 'severe' patient harm, meaning long-term or permanent health damage. The incident cost Synnovis more than £32m. Meanwhile, an NHS hospital trust on the Wirral revealed that a hack in November led to missed cancer waiting list targets, while also costing up to £3m. The latest incident comes amid a spree of attacks against major British companies, with Marks & Spencer and Co-op recently compromised by cyber criminals. Broaden your horizons with award-winning British journalism. Try The Telegraph free for 1 month with unlimited access to our award-winning website, exclusive app, money-saving offers and more.
Yahoo
2 days ago
- Health
- Yahoo
Chinese state accused of hacking NHS hospitals
Chinese cyber criminals have been accused of targeting two NHS hospitals as part of an alleged espionage campaign orchestrated by Beijing. An urgent NHS investigation has been launched into data breaches at University College Hospital and University Hospital Southampton, which took place earlier this month. Cyber security experts at intelligence firm EclecticIQ have said that the hackers responsible are linked to a group in China tasked with intelligence gathering They discovered that the group has conducted a string of attacks across the world, potentially targeting hospitals, local authorities and businesses in countries such as Japan, Germany and the US. Cody Barrow, chief executive of EclecticIQ and a former US intelligence official, said it had discovered 'credible and urgent indicators' that the NHS hospitals had been 'compromised by cyber attackers'. He said his firm had evidence that 'malicious actors' had breached both hospitals by exploiting software provided by tech company Ivanti, which is used to manage mobile devices connected to a broader network. Earlier this month, Ivanti confirmed that it had uncovered a 'very limited number of customers whose solution has been exploited'. NHS England said there was 'currently no evidence to suggest patient data has been accessed' and that no frontline services had been affected. A spokesman said: 'We are currently investigating this potential incident with cyber security partners, including the National Cyber Security Centre, and the trusts mentioned.' However, a spokesman for University College Hospital told Digital Health News that some staff mobile phone numbers may have been stolen. Affected employees are now being contacted. EclecticIQ said it had uncovered data that suggested the hacks had originated in China, linked to a group it believed was 'targeting high-value individuals within public institutions, including government agencies, or in the private sector'. The news comes after John Healey, the Defence Secretary, announced plans to spend more than £1bn on cyber defence and artificial intelligence. This will include a new Cyber and Electromagnetic Command, which will seek to fight enemies online. It is not the first time that the NHS has been targeted by cyber attackers. In 2017, a cyber attack originating from North Korea devastated NHS IT systems and cost tens of millions of pounds. Last year, Synnovis, a business that provided diagnostic services to the NHS, was also hacked, disrupting more than 10,000 appointments and more than 1,700 elective procedures. NHS data has revealed it also led to at least two cases of 'severe' patient harm, meaning long-term or permanent health damage. The incident cost Synnovis more than £32m. Meanwhile, an NHS hospital trust on the Wirral revealed that a hack in November led to missed cancer waiting list targets, while also costing up to £3m. The latest incident comes amid a spree of attacks against major British companies, with Marks & Spencer and Co-op recently compromised by cyber criminals.
Telegraph
2 days ago
- Health
- Telegraph
Chinese state accused of hacking NHS hospitals
Chinese cyber criminals have been accused of targeting two NHS hospitals as part of an alleged espionage campaign orchestrated by Beijing. An urgent NHS investigation has been launched into data breaches at University College Hospital and University Hospital Southampton, which took place earlier this month. Cyber security experts at intelligence firm EclecticIQ have said that the hackers responsible are linked to a group in China tasked with intelligence gathering They discovered that the group has conducted a string of attacks across the world, potentially targeting hospitals, local authorities and businesses in countries such as Japan, Germany and the US. Cody Barrow, chief executive of EclecticIQ and a former US intelligence official, said it had discovered 'credible and urgent indicators' that the NHS hospitals had been 'compromised by cyber attackers'. He said his firm had evidence that 'malicious actors' had breached both hospitals by exploiting software provided by tech company Ivanti, which is used to manage mobile devices connected to a broader network. Earlier this month, Ivanti confirmed that it had uncovered a 'very limited number of customers whose solution has been exploited'. NHS England said there was 'currently no evidence to suggest patient data has been accessed' and that no frontline services had been affected. A spokesman said: 'We are currently investigating this potential incident with cyber security partners, including the National Cyber Security Centre, and the trusts mentioned.' However, a spokesman for University College Hospital told Digital Health News that some staff mobile phone numbers may have been stolen. Affected employees are now being contacted. EclecticIQ said it had uncovered data that suggested the hacks had originated in China, linked to a group it believed was 'targeting high-value individuals within public institutions, including government agencies, or in the private sector'. The news comes after John Healey, the Defence Secretary, announced plans to spend more than £1bn on cyber defence and artificial intelligence. This will include a new Cyber and Electromagnetic Command, which will seek to fight enemies online. It is not the first time that the NHS has been targeted by cyber attackers. In 2017, a cyber attack originating from North Korea devastated NHS IT systems and cost tens of millions of pounds. Last year, Synnovis, a business that provided diagnostic services to the NHS, was also hacked, disrupting more than 10,000 appointments and more than 1,700 elective procedures. NHS data has revealed it also led to at least two cases of 'severe' patient harm, meaning long-term or permanent health damage. The incident cost Synnovis more than £32m. Meanwhile, an NHS hospital trust on the Wirral revealed that a hack in November led to missed cancer waiting list targets, while also costing up to £3m. The latest incident comes amid a spree of attacks against major British companies, with Marks & Spencer and Co-op
Sky News
3 days ago
- Health
- Sky News
NHS trusts' data 'stolen' in cyberattack
NHS trusts had information stolen in the latest cyberattack on the UK health service, experts have told Sky News, with concerns raised that patient data might be vulnerable in such incidents. University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust have been named as those exposed via a recently discovered exploit. NHS England told Sky News it is monitoring the situation - with the UK's top cybersecurity defence team at the National Cybersecurity Centre (NCSC). Cody Barrow is the chief executive of EclecticIQ and previously worked at the Pentagon, US Cyber Command and the NSA. The firm analyses cyberattacks and uncovered the extent of this incident. He told Sky News such attacks raise the "potential for unauthorised access to highly sensitive patient records". Analysts at EclecticIQ have identified victims of the hack spanning agencies and businesses across Scandinavia, the UK, US, Germany, Ireland, South Korea and Japan. Sky News has been shown evidence of the trusts in the UK being accessed maliciously. Rather than a ransomware attack, data was taken clandestinely after hackers exploited holes in software. In this case, the vulnerability was in a piece of software called Ivanti Endpoint Manager Mobile (EPMM) - a programme that helps businesses manage employee phones. The hole in Ivanti's software was first discovered on 15 May, and it has since been fixed - although there are warnings that systems previously exploited could still be vulnerable. The vulnerability in Ivanti's software allowed hackers to access, explore and run programmes on their target's systems. According to the experts at EclecticIQ, the kind of data accessed included staff phone numbers, IMEI numbers, and then technical data like authentication tokens. Such attacks can leave hackers able to access other data like patient records and further parts of the network via a process called remote code execution (RCE) - running programmes on compromised systems. The analysts said they have identified the hackers exploiting the Ivanti backdoor as having used an IP address based in China. Alongside this, the way the hackers operate is similar to how previous China-based actors behaved. Such attacks can occur when hackers use an automated scan of the internet to find examples of vulnerable software, rather than being targeted. Mr Barrow told Sky News: "This situation represents another urgent wake-up call for the NHS. With threat actors actively exploiting these vulnerabilities, we're not looking at a distant or theoretical risk. The targeting is happening now, and the consequences could be felt across the healthcare system. "The potential compromise scope goes well beyond data theft. We're looking at the potential for unauthorised access to highly sensitive patient records, the disruption of crucial appointment systems, and even interference with critical medical devices that are vital for daily patient care." "This strikes at the heart of patient safety and care delivery," Mr Barrow added. "The impact wouldn't be isolated, it could cause cascading effects cancelled surgeries, delays in urgent treatments, and medical devices failing when needed most. We've seen this before. "Past cyberattacks have shown the chaos that ensues, directly threatening patient outcomes, putting lives at risk and forcing frontline staff to work under extreme pressure. "Beyond immediate operational chaos, these vulnerabilities also profoundly erode public trust in the NHS's capacity to safeguard both their data and their health. "The immediate directive for NHS trusts to engage their cybersecurity teams underscores the severity. The response to this kind of cyber threat needs to be treated with the same urgency as a medical emergency." 👉 Listen to Sky News Daily on your podcast app 👈 A spokesperson for NHS England told Sky News: "We are currently investigating this potential incident with cybersecurity partners, including the National Cyber Security Centre, and the trusts mentioned. "NHS England provides 24/7 cyber monitoring and incident response across the NHS, and we have a high severity alert system that enables trusts to prioritise the most critical vulnerabilities and remediate them as soon as possible." A spokesperson for Ivanti said they had released a fix for the vulnerability in their software. A NCSC spokesperson said: "We are working to fully understand UK impact following reports that critical vulnerabilities in Ivanti Endpoint Manager Mobile are being actively exploited. "The NCSC strongly encourages organisations to follow vendor best practice to mitigate vulnerabilities and potential malicious activity. "Vulnerabilities are a common aspect of cyber security, and all organisations must consider how to most effectively manage potential security issues." "We remain committed to collaboration and transparency with our stakeholders and the broader security ecosystem," it added. "At the time of disclosure, we are aware of a very limited number of on-premise EPMM customers whose solution has been exploited."
Extra.ie
5 days ago
- Business
- Extra.ie
Public urged to create passwords with friends and family to avoid AI deepfake scams
The public should create passwords with their family and friends to help identify whether they are interacting with them or an AI-generated deepfake, a cybersecurity expert has said. Cody Barrow, a former US government adviser, said artificial intelligence has made impersonation scams easier to create. He added that AI was helping to 'lower the barrier to entry' for cyber criminals, and extra precautions beyond basic online security were needed to combat it. The public should create passwords with their family and friends to help identify whether they are interacting with them or an AI-generated deepfake, a cybersecurity expert has said. Pic: Getty Images Deepfake technology is used to alter a person's appearance to pretend to be someone else. Mr Barrow, boss of cyber security firm EclecticIQ, added: 'AI is huge. It's not just hype. It's very easy to dismiss it as such, but it's really not. 'My wife and I were actually just discussing this – we have a secret code that we use that only the real me or the real her would know, so that if one of us ever receives a FaceTime video or WhatsApp video that looks and sounds like us, asking for money, asking for help… we can use that code to verify that we're the right person.' Deepfake technology is used to alter a person's appearance to pretend to be someone else. Pic: Shutterstock Mr Barrow said his approach was necessary because the recent rise of data breaches means many internet users will have had their details compromised at one point. He added that creating passwords with loved ones was especially important for people who are less computer-literate. The warning follows a string of cyber attacks on retailers, including Marks & Spencer. Mr Barrow said predictable security setups may have helped the hackers create a realistic scam to gain access to M&S's systems.
