Atkins on cyber threats to city infrastructure
Recently we hightlighted the growing problem of cyber attack at our Healthy Cities Forum on 9th October.
The threat of ransomware is growing both to healthcare providers and critical national infrastructure (CNI) . Atkins' research shows that that organisations need to concentrate harder to protect themselves in particular ways.
The firm's principal systems engineer, Richard Piggins, says:
'The mantra must be to get the basics right. Address phishing as the route to initial infection. Education of staff will reduce the number of successful attempts, but is unlikely to protect against habitual clickers or well researched, and crafted targeted spear-phishing. Therefore other technical measures are needed to prevent malware being downloaded or malicious sites visited. Raise awareness amongst employees, particularly to operational and engineering staff, of recent threats and attacks'.
The WannaCry worm Atkins reports that hit the NHS in England and Scotland, highlights the menaces of ransomware and the risks surrounding unpatched systems.
Richard added: 'Manage the supply chain. Address the security of embedded systems, that may have long lifecycles. What is the security model and how will this continue to offer proportional risk-based defence?'
Atkins urges adminstrators to look at the UK's National Cyber Security Centre for specific guidance that should be acted on and visit the 'No more Ransom' website which is an initiative that seeks to help victims of ransomware retrieve their encrypted data without having to pay the criminals.