- author, david cowan
- role, Home affairs correspondent
-
The founding chief executive of Britain's National Cyber Security Center has urged people not to panic after Scotland's health board was targeted by cybercriminals.
Ciaran Martin said data breaches involving medical information very rarely result in “actual harm” to the public.
It is believed to contain clinical information on thousands of patients, including children, as well as staff financial data.
Martin was once dubbed Britain's “top cyber spy” and headed the National Cyber Security Center (NCSC), which was established in 2016 as part of the GCHQ intelligence collection agency.
Some of the data comes from the Children and Youth Mental Health Service (Camhs) and efforts are underway to identify affected individuals.
People in Dumfries and Galloway are being advised to remain vigilant and contact police if they are approached by someone claiming to have personal information or NHS data.
Additional insurance is provided to the Board's 5,000 staff to protect against identity theft and fraud.
Martin, who left his post in 2020 and is now a professor at the University of Oxford, said: “It's a very difficult situation, but experience in other parts of the world shows that even if this data is dumped on the dark web, “It has been suggested that it is safe.” There is almost no direct damage.
“A good example is Australia, where more than a third of the population's complete medical records were leaked onto the dark web.”
Mr Martin said a concerted government-led effort had minimized the impact of the breach in Australia.
“Police and other authorities were clear that there would be consequences for any extortion,” Martin said.
“While it is deeply disturbing, the complete medical records of nearly 10 million people were affected, yet the data was left untouched and there is no evidence of direct harm.
“People shouldn't panic. There's no database that you can Google for people's medical records or bank account details. This doesn't work that way.
“While not unknown, it is relatively rare for individuals to suffer direct harm, embarrassment, or blackmail.”
So far, there have been no messages from Police Scotland warning people not to access or share the stolen data.
The INC ransom has been linked to a series of cyberattacks in the United States and Europe since last year.
A campaign led by the UK's National Crime Agency infiltrated the group and took over its network.
Sanctions were announced against the group's alleged leader, Russian national Dmitry Khoroshev, with the United States offering a $10 million reward for information leading to his arrest and/or conviction.
“Significant damage from ransomware criminals is relatively rare, simply due to the troubling fact that they tend to be based in Russia,” Martin said.
“This is the world's largest encampment and safe haven for cybercriminals, and Russian police rarely go after them.
“Russia does not extradite its nationals, so I think the chances of anyone behind this horrific attack being locked up in prison in Russia or Scotland are unfortunately quite slim.
“We witnessed an impressive operation by the UK National Crime Agency to destroy the LockBit ransomware group’s infrastructure and expose its masterminds.
“But it's very difficult when large-scale crimes are occurring far away from unfriendly jurisdictions.”