News that hackers have obtained NHS Scotland patient information and are warning to publish it on the internet, which is a lot of people's worst fear.
Each person's medical past is very private and personal, something that no one else should be able to read without the patient's permission.
However, Ransom Inc, the group behind the attack, has already released what is called a 'proof pack' on its dark web blog, showing a small portion of the stolen data to prove that they have the information.
The board of NHS Dumfries and Galloway has verified that it is real.
But who is responsible for the attack on NHS Scotland, and what do they want?
Who are Inc Ransom?
The group first came out in July 2023. In the eight months since, it has targeted businesses, governments, and even a charity, carrying out attacks across the world, although mainly focused on the US and UK.
The hackers utilize extortion, threatening to expose sensitive information unless a ransom is paid.
Explaining how the group operates, cybersecurity platform SentinelOne stated: 'Operators of Inc. Ransom position themselves as a service to their victims. Victims can then pay the ransom to “save their reputation”, though the threat actors indicate their intention to reveal their methods, making the victim’s environment “more secure” as a result. '
'Inc. Ransom is a multi-extortion operation, stealing victim data and threatening to leak said data online should the victim fail to comply with their demands.'
NHS Dumfries and Galloway chief executive Jeff Ace said: 'We absolutely deplore the release of confidential patient data as part of this criminal act.
'This information has been released by hackers to [offer] evidence that this is in their possession.
'We are continuing to work with Police Scotland, the National Cyber Security Centre, the Scottish Government, and other agencies in response to this developing situation.'
How does Inc Ransom work?
The group uses various methods, including spear-phishing emails and targeting vulnerable systems.
Spear-phishing involves sending harmful emails to individuals or organizations, with the goal of stealing sensitive information such as usernames and passwords, or infecting the user’s device with malware.
Who else has Inc Ransom attacked?
The group has targeted a wide range of victims, including the metal refining and battery manufacturing industries, IT companies, the hospitality sector, real estate businesses, a pharma lab, and even a housing charity.
How can you protect yourself from cyber attacks?
There are several ways to prevent cyber attacks.
- Always be cautious of links in emails, even if you think they're from a trusted sender. Do not just look at the name, but double-check the sender's address. If it seems to be from a company, go directly to the website rather than clicking on the link. Look out for poor spelling and grammar, often signs that it may not be authentic.
- If someone ever tries to make you feel like you need to act quickly, especially when asking for money, take a step back and think carefully. Legitimate banks and companies will never rush you into logging in or sending money. If you get an email from your bank or another financial institution that seems suspicious, give them a call.
- Avoid sharing too much personal information online – hackers can use it to create more convincing scams and guess your login details.
- Speaking of which, complex, unique passwords are crucial for staying safe online. Avoid using easy passwords like P4ssword123, and don't repeat them. If you have trouble remembering them, use a password manager.
- Add antivirus software to your devices to add an extra level of protection.