Can we help you advance your organisation through automation, data and Ai?

We'd love to help, please let us know what you need and one of our solution team will be in touch.

SIGN UP FOR HEALTH AUTOMATION UPDATES!
×

Blog

Securing your Cybersecurity Frontline

If you have been at all complacent about your cybersecurity, the emergency alert from the UK’s National Cyber Security Centre (NCSC) to update your on-premise Microsoft Exchange Services urgently should be a wake-up call.

Tens of thousands of organisations across the globe are estimated to have been impacted by the attack. To date, malicious software has been found on 2,300 machines in the UK.

 

If your organisation is using its own physical server and Microsoft Exchange Server 2013, 2016 and 2019, then your company would have been vulnerable to the attack. Those using Microsoft’s cloud server service, Exchange Online, were not affected. The breach was what is known as a zero day exploit.

 

What is a Zero Day Exploit?

 

First, we need to understand the definition of a zero day vulnerability. This is when a vulnerability is maliciously exploited before a patch is made. In many cases, vulnerabilities are discovered by the “good guys” and are kept in secret until a patch is pushed out, avoiding any security breaches. However, in some cases it is more ethical to publicly announce vulnerabilities so users can avoid them. In many cases, exploits are found and executed on the same day as the announcement.

Copy of A Zero-Day Exploit

If the vulnerability is discovered and exploited by attackers before the patch is released and applied, this is known as a zero day exploit.

 

How the Microsoft Attack Occurred

 

In Microsoft’s case, there is speculation over a possible leak of sensitive information that was privately disclosed to its security partners before the patch was released. Some of the code being used by Advanced Persistent Threat (APT) groups and ransomware attacks on this vulnerability has similarities to the Proof of Code that Microsoft shared with partners earlier this year.

 

What To Do Now

 

Microsoft responded swiftly to release a patch that will protect customers from the attack. This patch should be applied when you update your software. If you have an automated endpoint management tool in place, such as that included with the baramundi Management Suite, then patch updates are automated immediately upon patch release, without you needing to take any action.

 

An important note: this patch will be effective in stopping future security breaches; however, it does not eradicate the risk you have already breached. For this reason, it is crucial to conduct a full systems check that will reveal existing vulnerabilities on your systems and provides you with a detailed report about the severity and available remediations. 

 

We recommend that you conduct a vulnerability scan immediately to identify existing vulnerabilities within your network. Luckily, the barramundi Endpoint MOT has you covered with a free of charge systems check currently available.

 

The 2021 Challenge in Cybersecurity

 

Sadly, attackers have been taking advantage of the current stress on the healthcare system to target global healthcare organisations. There was a 45% increase in attacks within the sector at the end of 2020, and the issue is continuing in 2021.

 

Exacerbating this challenge is the increased number of health workers who are using their own devices. Companies can very easily lose track of the numerous endpoints on a network. Endpoint management is often considered the front line of defence for your network and is taken very seriously. However, it can be destroyed in seconds by the increasingly common “bring your own device” or BYOD. Introducing unmonitored devices onto a managed network immediately breaks down its defence, and the pandemic has only catalysed this due to the jump to working from home.

 

Don’t put your network at risk.

 

Conduct a free barramundi Endpoint MOT or book an appointment with one of our cybersecurity specialists to find out more about optimising your IT infrastructure with Unified Endpoint Management.





Join our readership, get expert insight and opinion on automation and AI in healthcare directly delivered to your inbox:
×

Together, we'll build
better Patient Experience
and a healthier world!

Subscribe!

Get early-bird guest-list for events and insights from our AI, health tech and automation subject matter experts!

UK

Engine,
34-36 Abington Avenue,
Northampton NN1 4NY
Tel: +44 20 3289 0014

UAE

Level 5, Standard Chartered Tower,
Emaar Square,
Downtown Burj Khalifa

INDIA

3A / 6F, City Vista
Fountain Road, Kharadi
Pune 411 014