NHS Phishing Attacks

Over 100 Internal Email Accounts Hijacked

In a statement, NHS Digital has revealed an incident in which 113 internal email accounts were compromised and used to send malicious communication outside of the health service.

Occurring between Saturday May 30^th and Monday June 1^st, this NHS phishing attack affected just 0.008% of the 1.41 million accounts in the network.

A Global Phishing Campaign

A spokesperson for NHS Digital has stated: “There is currently no evidence to suggest that patient records have been accessed.

“We are working closely with the National Cyber Security Centre, who are investigating a widespread phishing campaign against a broad range of organisations across the UK.  This has affected a very small proportion of NHS email accounts.”

The statement also noted that the issue is being thoroughly investigated, and that precautions, such as vulnerable or affected accounts changing their passwords, are being taken with immediate effect.

Credential Harvesting

Despite a significant amount of targeted phishing campaigns exploiting the current Covid-19 pandemic, the UK health service has stated that this NHS Phishing Attack is not part of a targeted cyber-attack, but rather “a global phishing campaign designed to cast a wide net”.

With the Nation Cyber Security Centre (NCSC) confirming that this NHS phishing attack is part of a global credential-harvesting phishing campaign that is affecting a variety of organisations across the UK, all NHSmail accounts will continue to be closely monitored.

Protecting Against Phishing Attacks

Though all phishing attacks should be treated with the due concern, it is worth noting that in the last twelve months, NHSmail accounts have seen a 94% decrease in received phishing emails following a range of steps taken that follow NCSC guidelines; emphasising once again the importance of proactive phishing defence.

Along with the NCSC’s recommendations, which included turning off legacy authentication protocols when using Office 365, a strong password policy, and multi-factor authentication (MFA), there are plenty of steps that can be taken to help protect your organisation from phishing attacks. To find out more about methods recognising phishing attacks and improving your information security check out our latest piece: 4 Ways of Recognising Phishing Attacks in 2020.