Brian Sims
Editor

Care Quality Commission targeted in bombardment of e-mail attacks

Posted to News on Wednesday, March 10, 2021 Share:

THE CARE Quality Commission, the independent regulator of all health and social care services in England, has been bombarded by nearly 60,000 malicious e-mail attacks over the last three months, accounting for an average of nearly 20,000 attacks per month in the period from December until February.

The data was obtained via a Freedom of Information Act request issued by the Parliament Street Think Tank. It reveals that January 2021 was the most popular month for malicious e-mail attacks with 20,486 episodes recorded. This was closely followed by February at 18,501 recorded cases, and finally December last year when there were 17,587 cases.

The data provided by the Care Quality Commission is also broken down by types of attacks facing the organisation each month. By far the most popular attack format was phishing, which accounted for a significant 94% of all recorded attacks (52,905). The figures for each month are 16,387 in December, 18,865 in January and 17,653 in February.

The Care Quality Commission also recorded 2,311 total instance of malware – 808 in December, 959 in January and 544 in February – as well as 1,358 cases of spam (392 in December, 662 in January and 304 in February).

This worrying news arrives just a few weeks after it was revealed that NHS staff had been targeted by 140,000 malicious e-mails throughout 2020.

Spike in cyber crime

Experts have suggested that this spike in cyber crime activity could be due to scammers attempting to take advantage of the COVID vaccination roll-out programme, which officially kicked off in the UK in December and picked up momentum for mass roll-out in January. 

Chris Ross, senior vice-president of international sales at Barracuda Networks, commented: “Over the last 12 months, cyber criminals have increasingly exploited the COVID-19 pandemic by using carefully tailored phishing e-mails to trick remote employees into handing over confidential data and personal information. Our recent research even revealed a 26% spike in vaccine-related phishing activity since October last year.”

Ross continued: “Due to its association with the NHS and the vaccination programme, scammers have clearly identified the Care Quality Commission as a target for valuable data and will continue to send malicious e-mail attacks to employees until sensitive information or log-in credentials are leaked. Once compromised, data can then be sold on the black market or otherwise used to hold the organisation to ransom.”

In conversation with Security Matters, Ross concluded: “Combating this threat requires companies to introduce mandated training initiatives in order to help members of staff identify suspicious e-mail activity and respond to it both responsibly and securely. Organisations in high-risk sectors like healthcare should also adopt Artificial Intelligence-enabled e-mail defence software, which will flag and block sophisticated spear-phishing attacks from even entering any given Inbox, reducing the risk that human error poses to data security.”

Company Info

WBM

64 High Street, RH19 3DE
EAST GRINSTEAD
RH19 3DE
UNITED KINGDOM

03227 14

Related Topics
COVID-19
CYBER
HEALTHCARE
MALWARE
PHISHING
SECURITY
Related Articles
Latest Webinars
Biometric access control: are fingerprint cards the future?
Biometric access control: are fingerprint cards the future?
Bandweaver signposts webinar on optical fiber for perimeter security
Video Surveillance: Exploring New Horizons
Perimeter Intruder Detection Solutions
Related Resources
Security Matters Podcast – Episode 32 now live to view
Security Matters Podcast – Episode 31 now live to view
Introduction to Vista VIP Series of CCTV cameras & recorders
Latest News
NCSC launches Cyber Resilience Audit scheme for CAF-based audits
Oprema and EET Group acquire access control specialist Advanced Access Ltd
David Mountfield appointed CEO at security solutions developer Texecom

Login / Sign up