The Welsh social care sector faces an increasing number of cyber threats, any one of which can lead to the compromise of client data, disruption of critical services, and cause financial harm to social care providers.
Social care providers increasingly rely on websites and portals to hold their clients' contact details, to offer a means of getting in touch and to publish the latest news. As a result these sites have become a prominent target: according to Verizon, web applications were the number one vector for data disclosure in the social and health care sector in 2021.
Why do cybercriminals target an organisation's website?
There are many ways in which hackers attack a website; here are just a few:
· Criminals can try to extort money by threatening to take websites down, making them unavailable to users. These are called distributed denial of service (DDoS) attacks and are carried out by overwhelming websites with so many simultaneous visits that their servers cannot handle the traffic and crash. Sometimes hackers use these attacks as a smokescreen to cover additional attacks on vulnerabilities that might exist.
· They may want to steal personal client details such as contact names and email addresses to use them for identity theft.
· You may hold credit or debit card details and the opportunities to steal personal information and credit card numbers are very attractive to hackers, with the chance to sell that information on in the dark web or use it to make fraudulent online purchases.
· Websites can also be set up to send automated emails, so criminals may try to gain access to use your site to send out spam, setting up automated messages that get sent without you knowing - the perfect disguise to send phishing emails to unsuspecting victims.
· Criminals may redirect to a fake site, which could be used to steal login credentials and payment details, sometimes then sending the visitor back to the real website so they are none the wiser. In 2021, attackers hacked a well-known angling website and implemented a redirect that sent shoppers in search of angling gear to an adult website!
· Hackers can also sell access to compromised sites and servers, which can be used as part of a 'botnet' to attack other websites in a distributed denial of service (DDoS) attack, as mentioned above, overloading them with spurious traffic so they disappear.
· An attack that infects your website with malware can enable criminals to take control of your site remotely and spread malware to your visitors' devices. There are different types of malware, some of which can let the attackers find out login credentials to financial accounts or steal personal information.
· If you use your website for ecommerce, the criminal may look to exploit vulnerabilities in order to steal personal information, which could include credit or debit card details. The opportunities to steal personal information and credit card numbers are very attractive to hackers, with the chance to sell that information on the dark web, to craft phishing emails or to make fraudulent online purchases.
· Hacked sites can also be used to distribute malware to visitors – infected computers are worth money to criminals too; or to host pages selling drugs or illegal items, taking advantage of the reputation your site has in Google to make their content visible, and earn money through hijacking it.
· It can often take a long time to detect that a website has been hacked, and during that time the offender may have used it for a variety of illegal purposes. The criminals are good at covering their tracks, making it hard to see exactly what was done and how they gained access. A site that has been hacked once will often be hacked again, so it is better to be ready: improve your defences pre-emptively and put in place robust security to defend your website.
What is an FSWA and how can it help my organisation’s website?
The First Step Web Assessment (FSWA) is a service that can directly improve your website security and help you in the continual fight against cybercriminals. The service itself conducts a light-touch assessment of your website's security setup.
Our team use both passive and active reconnaissance techniques to assess your website, looking at how a cybercriminal would identify a vulnerable site. Passive reconnaissance seeks to gain information about your site without actively engaging with it, identifying outdated components and the software that has been used to build it. The service then undertakes active reconnaissance, using automated scans to identify vulnerabilities not found through the initial tests.
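As an added illustration, not part of the FSWA service or of this page, the Python below shows the passive side of that check on a constructed response: it reads the version strings a site volunteers in its Server and X-Powered-By headers and in its generator meta tag, and flags any below a hypothetical minimum-supported table. The sample response and the minimum-version table are both constructed for the example; real thresholds come from vendor support lifecycles.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample response, not captured from any real site: a server
# advertising its software and a CMS that stamps a "generator" meta tag.
SAMPLE_HEADERS = {
    "Server": "Apache/2.2.15 (CentOS)",
    "X-Powered-By": "PHP/5.4.16",
}
SAMPLE_HTML = ('<html><head><meta name="generator" content="WordPress 4.9.8">'
               '</head><body>Contact us</body></html>')

# Hypothetical policy table: the oldest version the organisation still
# supports for each component. Real floors come from vendor lifecycles.
MINIMUM_SUPPORTED = {"Apache": "2.4.0", "PHP": "8.1.0", "WordPress": "6.0.0"}

# "Product/1.2.3" or "Product 1.2.3" as it appears in headers and meta tags.
_PRODUCT_RE = re.compile(r"([A-Za-z][A-Za-z-]*)[/ ](\d+(?:\.\d+)*)")


def find_disclosures(headers: Dict[str, str], html: str) -> List[Tuple[str, str]]:
    """Passively collect (component, version) pairs the site volunteers."""
    found: List[Tuple[str, str]] = []
    for name in ("Server", "X-Powered-By"):
        found.extend(_PRODUCT_RE.findall(headers.get(name, "")))
    m = re.search(r'<meta\s+name="generator"\s+content="([^"]+)"', html, re.I)
    if m:
        found.extend(_PRODUCT_RE.findall(m.group(1)))
    return found


def _vtuple(version: str) -> Tuple[int, ...]:
    """Turn "2.4.10" into (2, 4, 10) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def flag_outdated(found: List[Tuple[str, str]],
                  minimums: Dict[str, str] = MINIMUM_SUPPORTED) -> List[Tuple[str, str, str]]:
    """Return (component, disclosed version, minimum) for anything below the floor."""
    outdated = []
    for product, version in found:
        floor = minimums.get(product)
        if floor and _vtuple(version) < _vtuple(floor):
            outdated.append((product, version, floor))
    return outdated


if __name__ == "__main__":
    for product, version, floor in flag_outdated(find_disclosures(SAMPLE_HEADERS, SAMPLE_HTML)):
        print(f"{product} {version} disclosed; minimum supported is {floor}")
```

Each finding is something the site's developer or host can act on by updating the component or suppressing the version banner, which is the kind of discussion the FSWA report is meant to prompt.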
You will then receive a short non-technical report (2-3 pages) setting out any risks found on the site. The report will allow you to consider each risk and should prompt further discussion with the site's developer, IT team or hosting provider to bolster your security further.
If you would like to know more about this or any other service, contact a member of our team.
We also offer a range of membership options depending on what level of support businesses need. Free Core membership provides businesses with access to a range of resources and tools to help them identify risks and vulnerabilities, as well as providing guidance on the steps they can take to increase their levels of protection.