CySecurity News – Latest Information Security and Hacking Incidents
The National Health Service (NHS) of the United Kingdom witnessed a large phishing campaign for months. The threat actors have been using official NHS accounts to send phishing emails to unsuspecting third parties, it became a massive campaign in March.
However, the campaign could have been much larger, as INKY reported in their findings. It’s safe to say that the total iceberg was much bigger than the tip we saw, INKY added.
“We have processes in place to continuously monitor and identify these risks. We address them in collaboration with our partners who support and deliver the national NHSmail service. NHS organizations running their own email systems will have similar processes and protections in place to identify and coordinate their responses, and call upon NHS Digital assistance if required.”
NHS released the statement after INKY shared its findings with the institution. Further, NHS and its investigation bench have released statements, in which it said that their team was able to discover that the group did not compromise the mail server but rather individually hijacked accounts.
It is between October 2021 and March 2022, that INKY successfully detected 1,157 phishing emails originating from NHSMail, the NHS email system for employees based in England and Scotland. Last year, this service was changed from an on-premise installation
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: