Two important events that, whilst not directly linked, have a very similar theme.
With the National Cyber Security Centre, part of GCHQ, requesting today that members of the public should report any suspicious emails that they receive to them via a special email address news also that, amid a wave of scams and hacking attacks together with fear that cyber criminals may seek to take advantage and exploit the fight against Covid-19, it is very good to see that Thales UK and NHS Wales have now signed an agreement to work together in the vital fight to stop hackers exploiting the NHS systems during the Coronavirus pandemic.
The need for health services across the world to step up defences against cyber-attack is well recognised by the various authorities involved and the UK is at the forefront of involvement. Thales is a global leader in cyber protection and the agreement between Thales UK and NHS Wales Informatics Services [NWIS] will enable the NHS team to protect vital systems from a surge in cyber-attacks through accessing Thales’s technical threat analysis service and which is considered to be a global centre of knowledge and excellence in the fight against emerging cyber related threats. Importantly, Thales will be providing the service to NHS Wales free of charge.
Thales’s intelligence service is already making available its full intelligence, identification, computer virus spread monitoring, threat analysis and rapid response skills to healthcare systems across the world and that latest confirmation that the company will now be supporting NHS Wales Informatics Services (NWIS) can be seen as a huge additional asset to the NHS overall in these very difficult times.
Gareth Williams, VP Secure Communication and Information Systems for Thales UK, said when announcing the agreement last week that “In this highly unusual situation, we all need to work together to protect the vital services on which patients and NHS staff rely. France’s medical community has already made use of the threat intelligence service and we are proud to be working with our partners in the Welsh Government so that NHS Wales can share our cyber information flow.”
Welsh Government Economy, Transport and North Wales Minister said that “Partnership working between the Welsh public sector and the private sector has never been so important as we all work together to slow the spread of coronavirus. Wales is playing a leading role in the rapidly expanding cyber security sector and the Welsh Government’s support for this vital area of work is evident, not least in our collaboration with Thales, on the National Digital Exploitation Centre – a £20m cyber centre in Ebbw Vale working to deliver the next generation of cyber talent in Wales. The Welsh Government is calling on all businesses to respond to the huge challenges presented by this pandemic. I would like to thank Thales, and many companies like it, for their efforts which will help ease pressures on the NHS.”
For the record, Thales UK has a team of over 6,500 experts including 4,500 are highly skilled engineers working across nine key UK sites. investing over £575 million annually into its UK supply chain and working with partners, investing in excess of £130 million on research and development, the company is based in Green Park, Reading. Thales UK which is part of a France based global business that operates across 68 countries internationally, supplies a range of sophisticated electronic equipment across the aerospace, defence, digital security, transport and space sectors.
Based in state-of-the-art facilities at Reading, these superb facilities which I have visited act as the centre of excellence for secure radio communications, network and infrastructure systems and cyber-security consultancy and other innovation-based activities. Thales UK provides a range of sophisticated equipment to all three sections of the UK military and in particular has a long history of being a major supplier to the Royal Navy of advanced mission systems including mine hunting sonar systems and across all aspects of electronic warfare, sensors, command information systems, prime contract management and systems integration.
Linking very nicely to the Thales announcement is that the National Cyber Security Centre (NCSC) which is a branch of the UK’s Cheltenham based GCHQ intelligence agency has this morning launched a suspicious email reporting service with a simple request of the public: please forward any dubious emails to: firstname.lastname@example.org
The NCSC’s automated scanning system will check for scam emails and cybercrime and if they link to malicious content criminal sites will be immediately taken down or blocked. Launching the reporting service Ciaran Martin, CEO of NCSC said that “Technology is helping us cope with the coronavirus crisis and will play a role helping us out of it, but that means cybersecurity is more important than ever”. scams and cybercrime.”
The new reporting service has been launched after the organisation removed more than 2,000 online scams related to coronavirus in the last month, including:
- 471 fake online shops selling fraudulent coronavirus-related items
- 555 malware distribution sites set up to cause significant damage to visitors
- 200 phishing sites seeking personal information such as passwords and credit card details
- 832 advance-fee frauds where a large sum of money is promised in return for a set-up payment
The NCSC suggests that is that “If you receive a job solicitation via email that sounds too good to be true, it probably is related in some way to one of these money-laundering schemes” and the organisation has also published new guidance on how to use videoconferencing tools securely, following the rise in “Zoom bombing” attacks – pranksters taking advantage of lax default settings on the popular video chat app Zoom to invade and disrupt private meetings.
NCSC recommends that users do not make meetings public, that they connect only to people through their contacts or address book and that they never post the link or password publicly. The advice is that “If you are organising the chat for your family or friends, consider using the lobby feature to ensure you know who has arrived – this is especially useful if individuals are joining the meeting via an unrecognised phone number. So, the advice from NCSC for Zoom users is very clear “Verify participants’ identity when they join the meeting”.
CHW (London – 21st April 2020)
Howard Wheeldon FRAeS
Wheeldon Strategic Advisory Ltd,
M: +44 7710 779785