Connect with us


NHS may take a month to recover from supply chain attack



NHS may take a month to recover from supply chain attack

Jakub Jirsák – stock.adobe.com

Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations

Alex Scroxton


Published: 11 Aug 2022 10:45

NHS customers using Advanced Software’s Adastra clinical patient management platform – including the frontline 111 service – have been warned that they could face a month-long wait to fully recover their normal operations, as the supplier battles with the impact of a now-confirmed financially motivated ransomware attack.

Advanced was able to swiftly contain the attack on the morning of 4 August, which affected a number of other services besides the Adastra platform. Since then, it has detected no further incidents and its ongoing monitoring has confirmed that the attack has been contained.

However, this has come at the expense of its health and social care sector customers being able to access the infrastructure hosting products needed to run effectively. This has left many vital processes, such as ambulance dispatch, appointment booking, emergency prescriptions, out-of-hours care, and patient referrals in disarray at the affected bodies.

“We are continuing to make progress in our response to this incident. We are doing this by following a rigorous phased approach, in consultation with our customers and relevant authorities,” said Advanced chief operating officer Simon Short.

“We thank all our stakeholders for their patience and understanding as our team works around the clock to resume service as safely and securely as possible. For the latest update on our response, please go to www.oneadvanced.com for more information.”

In another update, Advanced said it was still working with the NHS and the National Cyber Security Centre (NCSC) to validate the steps taken so far, following which the NHS will be able to begin to bring services back online, with NHS 111 and other urgent care bodies starting along this path in the next few days.

For others, it said, the current view is that it will be necessary to rely on contingency plans – that is to say, pen and paper – for three to four more weeks, although it is working to bring this timeline forward.

Advanced is currently in the process of rebuilding and restoring the affected systems in a separate and secure environment. This includes implementing additional blocking rules and privileged account restrictions for its staff, scanning and patching all affected systems, resetting all credentials, deploying new endpoint detection and response agents, and implementing round-the-clock monitoring. Once done, it can start to bring its systems back online and get customers up and running again.

The firm said it was investigating the potential for data to have been affected and will issue further updates should more information about data access or exfiltration come to light.

However, according to health sector magazine HSJ, there is growing concern within multiple NHS Trusts and bodies that use Advanced’s services, that confidential patient data has been stolen in the attack. It cited an unnamed source with direct knowledge of the attack, who claimed that the attackers had made “some demands”, although they were unclear on the nature of those demands, or whether they had been made of Advanced, or of NHS bodies.

If NHS organisations are being extorted, the attack on Advanced’s systems provides further evidence that the ‘moratorium’ on cyber attacks on healthcare organisations declared by some threat actors during the early days Covid-19 pandemic is well and truly over.

Indeed, during the second quarter of 2022, newly disclosed data from data management specialist Kroll revealed that healthcare organisations saw a 90% increase in attack volumes compared to the first three months of the year, fuelled by ransomware.

Laurie Iacono, associate managing director for cyber risk at Kroll, commented: “It is concerning to see healthcare rise so dramatically up the most targeted industry list, at a time when services are undoubtedly still under pressure as they recover from the strained environment caused by Covid-19.

“Ransomware is always disruptive, but its ability to grind company operations to a halt, becomes more significant in an environment where business continuity means saving lives.

“The legacy of the pandemic can perhaps also be seen in the vulnerability of external remote services. In Q2, we saw many ransomware groups take advantage of remote environments by using security gaps in those tools to compromise networks,” said Iacono.

“All organisations – and especially those in healthcare – would do well to test the resilience of their external remote services and preparedness for ransomware in light of this latest report,” she said.

Read more on Data breach incident management and recovery

Go to Source

Click to comment

Leave a Reply


NASA Says Hurricane Didn’t Hurt Artemis I Hardware, Sets New Launch Window



NASA Says Hurricane Didn’t Hurt Artemis I Hardware, Sets New Launch Window

NASA’s Artemis I moon mission launch, stalled by Hurricane Ian, has a new target for takeoff. The launch window for step one of NASA’s bold plan to return humans to the lunar surface now opens Nov. 12 and closes Nov. 27, the space agency said Friday. 

The news comes after the pending storm caused NASA to scrub the latest Artemis I Iaunch, which had been scheduled for Sunday, Oct. 2. As Hurricane Ian threatened to travel north across Cuba and into Florida, bringing rain and extreme winds to the launch pad’s vicinity, NASA on Monday rolled its monster Space Launch System rocket, and the Orion spacecraft it’ll propel, back indoors to the Vehicle Assembly Building at Florida’s Kennedy Space Center. 

The hurricane made landfall in Florida on Wednesday, bringing with it a catastrophic storm surge, winds and flooding that left dozens of people dead, caused widespread power outages and ripped buildings from their foundations. Hurricane Ian is “likely to rank among the worst in the nation’s history,” US President Joe Biden said on Friday, adding that it will take “months, years, to rebuild.”

Initial inspections Friday to assess potential impacts of the devastating storm to Artemis I flight hardware showed no damage, NASA said. “Facilities are in good shape with only minor water intrusion identified in a few locations,” the agency said in a statement. 

Next up, teams will complete post-storm recovery operations, which will include further inspections and retests of the flight termination system before a more specific launch date can be set. The new November launch window, NASA said, will also give Kennedy employees time to address what their families and homes need post-storm. 

Artemis I is set to send instruments to lunar orbit to gather vital information for Artemis II, a crewed mission targeted for 2024 that will carry astronauts around the moon and hopefully pave the way for Artemis III in 2025. Astronauts on that high-stakes mission will, if all goes according to plan, put boots on the lunar ground, collect samples and study the water ice that’s been confirmed at the moon’s South Pole. 

The hurricane-related Artemis I rollback follows two other launch delays, the first due to an engine problem and the second because of a hydrogen leak.

Hurricane Ian has been downgraded to a post-tropical cyclone but is still bringing heavy rains and gusty winds to the Mid-Atlantic region and the New England coast.

Go to Source

Continue Reading


What You Get in McDonalds’ New Happy-Meal-Inspired Box for Adults



What You Get in McDonalds’ New Happy-Meal-Inspired Box for Adults

You’ve pulled up to McDonald’s as a full-on adult. You absolutely do not need a toy with your meal, right? Joking. Of course you do.

The fast-food chain will soon sell boxed meals geared toward adults, and each one has a cool, odd-looking figurine inside. 

The meal has an odd name — the Cactus Plant Flea Market Box — that’s based on the fashion brand collaborating with McDonald’s on this promotion. 

According to McDonald’s, the box is inspired by the memory of enjoying a Happy Meal as a kid. The outside of the box is multicolored and features the chain’s familiar golden arches. 

The first day you can get a Cactus Plant Flea Market Box will be Monday, Oct. 3. Pricing is set by individual restaurants and may vary, according to McDonald’s. It’ll be available in the drive-thru, in-restaurant, by delivery or on the McDonald’s app, while supplies last.

You can choose between a Big Mac or 10-piece Chicken McNuggets. It will also come with fries and a drink.

Now about those toys. The boxes will pack in one of four figurines. Three of the four appear to be artsy takes on the classic McDonald’s characters Grimace, Hamburglar and Birdie the Early Bird, while the fourth is a little yellow guy sporting a McDonald’s shirt called Cactus Buddy.

In other McD news, Halloween buckets could be returning to the chain this fall. So leave some room in your stomach for a return trip.

Go to Source

Continue Reading


Why companies like iHeartMedia, NBCU rely on homegrown IP to build metaverse engagements



Why companies like iHeartMedia, NBCU rely on homegrown IP to build metaverse engagements

To avoid potential blowback from a skeptical audience, retailers as well as media and entertainment companies are learning to invest in their homegrown intellectual properties while building virtual brand activations inside Roblox or Fortnite.

Take, for instance, when they get it wrong.

Earlier this week, Walmart launched its own Roblox world — called Walmart Land — and was roundly mocked for it across social media given the announcement’s disjointed brand message and apparent lack of life. In one viral tweet, a Twitter user described a clip of Walmart CMO William White introducing the Roblox space as “one of the saddest videos ever created.”

This video of Walmart’s chief marketing officer on a stage in Roblox talking about its new “Walmart Land” experience is one of the saddest videos ever created. pic.twitter.com/HtIIToShKs

— Zack Zwiezen (@ZwiezenZ) September 26, 2022

To some extent, this sort of criticism is to be expected during the early days of the metaverse.

“Walmart is an iconic brand; when you see them coming into a platform like Roblox, people are going to be 10 times more critical of what is being launched,” said Yonatan Raz-Fridman, CEO of the Roblox developer studio Supersocial.

But Walmart’s size is not its only disadvantage as it dips its toes into Roblox. Although Walmart has a widely recognizable brand, it owns few intellectual properties that users are actually interested in experiencing virtually — a shortcoming reflected by the somewhat cavernous emptiness of Roblox’s Walmart Land.

Provided by NBCUniversal

The success of other recent brand activations is evidence that media and entertainment brands are better equipped to build metaverse spaces that can dodge online skepticism, thanks to their wealth of owned IP.

“They are having to reinvent themselves, to a certain degree, but that is in their DNA,” said Jesse Streb, global svp of technology and engineering at the agency DEPT. “So they have a unique advantage over, say, some kludgy company that sells lumber, or a construction company.”

For example, iHeartMedia’s Roblox and Fortnite spaces were inspired by the mass media corporation’s wealth of popular real-life events, such as the Jingle Ball Tour and iHeartRadio Music Festival, with virtual versions of musicians like Charlie Puth performing pre-recorded concerts that allow real-time audience interaction.

“There’s a strong brand association with the IP, down to a station level — you’re in the New York area, you probably know Z100,” said iHeartMedia evp of business development and partnerships Jess Jerrick. “The same is true for the event IP, or the IP that we now have in the podcasting space, and of course our radio broadcast talent. So there’s no shortage of really strong IP we can bring into these spaces.”

Translating real-life properties into the metaverse is also an enticing prospect for brands that view metaverse platforms as an experimental marketing channel, allowing them to bring tried-and-true IP into their virtual activations instead of designing them from the ground level. This was part of the strategy behind the recent Tonight Show activation in Fortnite Creative, which was designed in collaboration between NBCUniversal and Samsung. “We’re looking at it holistically — how do we find fans in new ways, and use IP that fans love in new ways?” said NBCU president of advertising and client partnerships Mark Markshall.

Since opening on Sept. 14, iHeartLand has already enticed over 1.5 million Roblox users to visit. The company aims to retain that attention with a schedule of virtual programming featuring popular musicians and personalities.

“At our core, we are essentially an influencer network; our broadcast talent are some of the most connected, most engaging influencers at work in media today,” said Conal Byrne, CEO of iHeart Digital Audio Group. “That gives us this sort of superpower, to be able to go into new-ish platforms, like Roblox or Fortnite, because we talk to our listeners through those influencers.”


Go to Source

Continue Reading
Home | Latest News | Tech | NHS may take a month to recover from supply chain attack