From cyberattacks on smart buildings to hackers infiltrating our phones undetected, this week has been a little alarming. However, the news that the NHS is fighting back should bring us all comfort. In case you missed the comings and goings in the world of I.T. and Tech, here’s our roundup of some of the stories we think you need to know about this week.
Smart buildings under attack
New research has found that in the first half of 2019, 37.8% of computers used to control smart building automation systems, were affected by malicious cyberattacks.
Most of the blocked threats were not targeted or specific to building-based automation systems but were ordinary malware regularly found on corporate networks, unrelated to automation systems. However, attacks of this nature will have side effects with potentially significant impact on the availability and integrity of automation systems.
The study used information from over 40,000 smart buildings worldwide that use security products. This analysis of telemetry revealed that smart building cyberattacks are a reality. Smart buildings are not just office and residential buildings, but hospitals, shopping malls, prisons, industrial production, public transport, wherever large work and/or living areas need to be controlled.
Security teams whose area of responsibility covers IT networks of smart buildings are being urged not to forget that they need protection. Even basic solutions will provide benefits and defend an organization against potentially crippling attacks.
NHS launches cybersecurity campaign
NHS Digital has this week launched a cybersecurity campaign coving the entire organisation to provide staff with guidance on how to avoid and mitigate potential cyber threats and data breaches.
The NHS is currently one of the biggest direct and indirect targets for cybercriminals and with its ‘Keep I.T. Confidential’ campaign is hoping to educate the workforce on the impact of cybersecurity on patient safety and care.
The programme run by NHS Digital’s Data Security Centre (DSC), aims to remind staff of a number of cybersecurity threats that could compromise the NHS’ defences. Information will be provided to staff on what actions they can take to reduce the risk of attack. Key areas that will be addressed include weak password hygiene, phishing scams and business email compromise (BEC), keeping devices unlocked, and social engineering campaigns.
Rob Shaw, NHS Digital deputy chief executive said; "Cybersecurity is the responsibility of all NHS staff and we want to inspire a cultural change by supporting health and care organisations to embed it in their daily best practice. To do this, we need to support all NHS staff on the direct impact of data security on patient care, and the steps they can take personally to reduce this threat." Read more here.
Alarm raised over SIM jacking threat
A report this week claimed that a new kind of hacking threat against smartphones is on the rise. The attack dubbed ‘Simjacker’ reportedly attacks SIM cards and officials say there is still no method to detect this threat, and millions of phones may be unknowingly affected by it.
The attack happens when a spyware code is sent to a mobile phone which then hacks the SIM card, and ‘takes over’ the mobile phone. The hack allows attackers to get into an individual’s mobile, read messages, listen to the conversation and track real-time locations. This can happen because there’s a vulnerability in the SIM application Tool Kit (STK), which hackers can exploit, by sending malicious code to it.
Unlike Google Play or iStore apps that are downloaded by users, STK software comes pre-installed, and users do not have control over it. When an individual downloads a malicious app from Google Play, antivirus software will detect it. However, for STKs, there is no mechanism present to detect any threat. The report claimed that vulnerability needs to be addressed by mobile phone manufacturers and telecom service providers.
Those were some of this week’s top stories but if you want more content, follow us across our four social media channels: