What can we learn about cyber security from the latest attack on the NHS?

A large scale cyber-attack took place last week on Friday 12th May. The attack targeted health organisations worldwide, impacting nearly 150 different countries, including 48 organisations in the UK alone. Over 230,000 computers were infected. Despite fast reactions and following disaster recovery plans, 16 of these companies had to completely shut down their systems, with 6 still unable to recover by Saturday evening.

The impact on the NHS

Although the attack was stopped, it had a huge impact on the NHS as treatment and operations had to be postponed and cancelled in many cases due to patient records not being accessible during the recovery time. It is unclear as yet whether any patient data has been lost, although the NHS is assuring people that there has been no evidence of this being the case.

What is WannaCry Ransomware?

WannaCry Ransomware is malicious software that works by encrypting files and consequently blocking access to data before demanding a ransom payment in order for it to be unlocked again, although even then it is not guaranteed that data will be given back. Ransomware gets onto a machine through tricking victims into clicking on a link, website or opening an email containing the software, which can then get to work encrypting the files, usually one-by-one.

Ransom is often demanded in Bitcoin, which is a digital currency (worth around £230 per Bitcoin) which allows private and anonymous transactions to take place. Hackers utilise this to make it impossible for the money to be traced and linked back to them as the perpetrators of the attack.

Why did the attack happen?

The main reason that is being suggested for the attack being successful is that organisations like the NHS were working using outdated operating systems like Windows XP. This means that they have missed out on crucial security updates which help to protect against attacks like this, compared to more recent operating systems which are more up-to-date and less vulnerable to cyber-attacks. Other organisations that fell prey to the attack may have been using more recent operating systems but failed to apply security updates, leaving them vulnerable.

Preventing future attacks

In order to prevent future attacks, organisations must be prepared. Microsoft has responded by releasing updates for older operating systems such as XP, however it is always recommended that you encourage your clients to be using newer systems where possible. This offers greater security but also greater functionality, efficiency and performance to your clients too. It is vital to also have disaster recovery plans in place in order to reduce downtime in the event of a data breach.

If you’re looking for help supporting your clients or extra resources for a particular protect or setup, give Marathon a call today on 020 8329 1000. 

Share this post