NHS Ransomware Attack
Ransomware is the latest form of computer virus attacking the internet. In May the NHS and other organisations across the globe became victims of a massive scale ransomware attack, the ‘WannaCry ‘ attack, which rendered their systems incapacitated and caused widespread disruption and chaos - which of course was the intent.
What is Ransomware
All computer viruses and malware are designed to corrupt or delete files within a computer system. Computers connected to a network will pass infections like wildfire, and of course, they can be transferred via email or downloads. Ransomware is transmitted in a similar way, but instead of corrupting or deleting it creates a lock. As soon as the ransomware is unleashed a user will find that they are locked out of their systems, and the screen will display the ransom demands. To have the computer unlocked the user will need to make payment as directed. In the case of the NHS attack, hackers were looking for Bitcoin payment.
Let Chaos Commence
Looking globally at the issue it appears that the NHS wasn’t the intended target, it just happened to have the vulnerabilities required for the virus to take hold. It highlighted how reliant the service is on the technology is uses. Hospitals and doctors surgeries ground to a halt, operations were cancelled, and there was a distinct air of panic. Over 2000 computers, a third of those in use at the NHS, were hit, at over 40 NHS trusts.
Could it Have Been Avoided?
As soon as the virus hit, fingers were pointed. It seems that the NHS has been guilty of neglecting the IT infrastructure and many networks had been sitting wide open. Over a year ago white hat hackers were tasked with testing the security protocols running within the NHS and found alarming and disturbingly serious weaknesses. However, it seems nothing was done in light of these discoveries.
Avoiding an attack comes down to a combination of understanding and security. Operating systems providers spend millions on ensuring that they are running as close to the heels of the hackers as they possibly can. In real terms, this means releasing system updates that provide patches and fixes for any new vulnerabilities that have been discovered.
Virus software is also available and does pretty much the same thing. The ransomware detected at the NHS seemed to target Microsoft operating systems, which is, of course, one of the most popular. Linux and Mac systems were not at risk from that particular virus. However all operating systems can be vulnerable, so no-one should be complacent.
It seems that the biggest problem highlighted at the NHS was a lack of update running. To have secure network one must understand how changes are made to systems, users must have the correct privileges that enable updates to be (most logically) pushed out automatically, and no-one - not even staff in IT - should access their own PC’s using administrator accounts. Patching or updating must be carried out as regularly as such updates become available or, the system becomes vulnerable. It is also vital to have off-site secure backups to mitigate the risk of being hacked.
It is estimated that the criminals behind the WannaCry ransomware attack have netted themselves £55k from more than 260 payments from panicked victims which sadly, according to White House homeland security advisors did no lead to their data being recovered. Lesson learned - we hope.