May 12, 2017
Debilitating Cyber Attack Hits the NHS
When we talk about worst-case cybercrime scenarios, the NHS comes up high on the list. Unfortunately, East and North Hertfordshire NHS Trust has released a statement: “Today (Friday, 12 May 2017), the Trust has experienced a major IT problem, believed to be caused by a cyber attack.”
Although little has been confirmed, Twitter users using the hashtag #nhscyberattack in Greater Preston and Essex have reported a lockout. Photographs of the lockout screen show a ransom of just €300 in bitcoins - but as any cyber security expert knows, there is often more to ransomware than meets the eye. For example, a hospital in Kansas, USA, was faced with multiple demands for payment. The malware in question appears to be called ‘Wana Decrypt0r 2.0’, of which little is known.
“Immediately on discovery of the problem, the Trust acted to protect its IT systems by shutting them down; it also meant that the trust’s telephone system is not able to accept incoming calls.
“The Trust is postponing all non-urgent activity for today and is asking people not to come to A&E - please ring NHS111 for urgent medical advice or 999 if it is a life-threatening emergency.”
Hospitals are vulnerable because they must retain highly sensitive, personal information and often rely on outdated systems. Due to these vulnerabilities, many hospitals must pay ransoms to prevent patient data from falling into the wrong hands.
Healthcare providers have been favourite targets of criminals, and recent research by the Herjavec Group suggests attacks will quadruple by 2020. Although the increasing digitisation of information in the healthcare industry makes things more convenient and accessible, it also creates a new opportunity for criminals.
Hospitals have been attacked all over the globe, including an attack at a Hollywood hospital, which was forced to pay a ransom of $17,000 (£11,890 in 2016) to regain access to its files.
What can organisations do to protect themselves? Andrew Stuart, Managing Director of Datto EMEA, says, “Companies need to have a cybersecurity strategy in place because it's becoming increasingly inevitable that they will be targeted. Staff education should be constant, and the right technologies need to be in place across the company, both preventative – firewall and antivirus – and backup. Many don't consider backup essential to their strategy but, if a company gets hit with ransomware, they will have the ability to roll back to a point in time before the attack to access non-infected data.”