
With the cyber apocalypse averted, it’s now time to take stock of last weekend’s global Wanna Decryptor ransomware cyber-attack, and work out how you can make sure your business doesn’t end up in the same state of crisis as the NHS did.
How the NHS fell victim to ransomware
It was no secret that the NHS was vulnerable to attack. UK defence secretary Michael Fallon has said the NHS was warned on “multiple occasions”. The NHS’s own head of security, Dan Taylor, last year highlighted the risks of unsupported operating systems and reduced funding. And ransomware attacks are nothing new for the NHS. Even before this weekend’s attack, around 30 NHS trusts in England had already been held to ransom through cyber blackmail.
Dan Taylor highlighted seven known data security challenges in the NHS:
- Unsupported OS browsers
- Inappropriate staff training
- Poor leavers, movers and changes processes for staff
- Too many privileged system accesses
- Significantly reduced investment funding
- Limited situational awareness of cyber preparedness locally
- Social engineering – sophisticated spear phishing
In this instance, it was the NHS’s failure to apply the March Windows OS update that left it exposed to Wanna Decryptor. Unfortunately, this is unlikely to be the last such attack on the NHS.
What is ransomware?
Ransomware is used by blackmailers to demand payment from their victims in return for the release of their hijacked computers or systems. It can spread in many ways, such as through a link in an email or PDF, or a password-encrypted ZIP file that contains a PDF. These emails are sent under various guises, such as fake invoices, job offers, security warnings and undelivered email. Basically, the blackmailers encrypt your files so you can’t access them, then demand payment for the encryption key.