Up to 5,000 websites worldwide have fallen victim to a cybersecurity breach this weekend, with British Government, student services and NHS websites being taken offline in response.
The Information Commissioner’s Office (ICO) website, the Student Loans Company and the NHS Scotland Helpline were all affected, leaving thousands without access and questioning security practices.
The websites were infected with a malicious software known as Coinhive which is a program that allows users to ‘mine’ Monero – a cryptocurrency similar to Bitcoin. The malware works by hiding in a websites code, stealing the processing power of the user’s device to covertly mine cryptocurrencies.
‘Mining’ is the process of using complex mathematical equations to essentially create new digital coins – a process that requires a great deal of computing power and, crucially, electricity.
It is for this reason that hackers are now using other people’s computers to do the heavy lifting.
Hackers used this third-party plug-in to insert the Coinhive malware. Once inserted, the malware was then distributed throughout other third-party sites for as long as the user remained active on their browser – quickly snowballing and potentially affecting thousands of web users.
In a blog post on the TextHelp website yesterday, Data Security Officer Martin McKay responded to the attack, and insisted that all relevant security precautions had been in place beforehand, stating:
“Texthelp has in place continuous automated security tests for Browsealoud, and these detected the modified file and as a result the product was taken offline. This removed Browsealoud from all our customer sites immediately, addressing the security risk without our customers having to take any action.”
Mr McKay continued, confirming that an investigation is underway to prevent future security breaches and that customers will be regularly updated.
“A security review will be conducted by an independent security consultancy. The investigation is ongoing, and customers will receive a further update when the security investigated has been completed.”
No Public Risk
“NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency.”
The NCSC also looked to calm public fears of data breaches, saying: “at this stage there is nothing to suggest that members of the public are at risk.”
British Government websites were not the only ones affected by the security breach, however – up to 5,000 websites worldwide were affected. Australian Government websites were also compromised in the attack, with the Victorian Parliament and a number of Queensland administrative websites being hit.
Additionally, US courts were affected and have since been taken offline.
Cyber attacks are becoming increasingly common; in May 2017 the NHS was the victim of a similar devastating security breach that exposed sensitive data. In this attack, hackers utilised ransomware known as Wannacry to extort money from victims; asking them to send $300 to a specific Bitcoin address in order to retrieve stolen files.