Cyber security is fascinating, high-tech and critical to the world as we know it. However, the reality is often very different to how it is portrayed in movies and television.
As intriguing as it looks, green characters cascading down a black screen only happens in films like The Matrix. At NHS Digital, we have six large screens with dashboards on a big wall and a couple of monitors on our desks – it’s high tech, but it’s not the Minority Report.
Here’s a few more examples of when television and movies got cyber wrong – and what actually happens in a cyber security centre.
Our early detection work helped prevent further infections to reduce the impact to the NHS estate.
The Cyber Security Operations Centre (CSOC) at NHS Digital has detected and blocked a number of malicious malware and trojans over the past few years using these techniques. Recently, we detected the TrickBot trojan, a powerful credential stealer originally developed in 2016 as a trojan for banking applications. Since its creation, TrickBot authors armed their malware with many additional capabilities (modules) that allow silent propagation across the network, evasion of anti-virus, and communication with command and control (C2) servers, to harvest and exfiltrate a range of sensitive data. Our early detection work helped prevent further infections to reduce the impact to the NHS estate.
We have to 'play by the rules' – everything we do needs to be legal and ethical. Criminals do not care about either of these things.
Real criminals know this, so they go for small amounts of data which could go unnoticed more easily. For example, they might start a phishing campaign which contains a malicious file that is downloaded on to an end user’s computer. It could sit dormant for weeks or months before someone takes a simple action, like opening a particular file, which then causes the malicious file to execute and either: