On Friday the 20th May, the NHS was hit with a massive cyberattack, causing systems in several hospitals to be affected and patients transferred elsewhere.
The attack happened internationally, with 74 countries across Asia and Europe being affected, including Fedex and Russia’s biggest bank, Sberbank.
The ransomware virus, dubbed WannaCry, is an updated version of the Wanna Decryptor ransomware. It demanded a bitcoin payment to unlock files after the hacker broke into the computer system and locked everything down. If the user doesn’t pay, the price will go up and the files will all be deleted after a certain amount of time.
The NHS Trusts that were affected shut down their systems to protect from further infection, meaning that there was no access to appointment or patient records. This caused some departments to be completely shut down, with ambulances being redirected to the nearest operational hospital and appointments being cancelled. It was the biggest hack the NHS has experienced in its lifetime, and it cost us, as a nation, dearly - and not just in the ransom money.
Leaders including Nicola Sturgeon and Theresa May held crisis meetings in an attempt to stem the effects of the issue.
However, the medical community seems to think it will happen again. Neurologist Dr Krishna Chinthapalli published a paper in the British Medical Journal stating: “We should be prepared: more hospitals will almost certainly be shut down by ransomware this year.”
Ransomware has become an epidemic, spreading throughout the UK and across the world. The attack was nowhere close to the first, but it was the biggest, most coordinated attack we’ve seen of its type so far. And it’s not over yet: just a month after the NHS attacks, on June 27, another ransomware attack occurred in the Ukraine and is thought to be derived from the malware used in the NHS attack. Government websites and services were down and the power grid was affected, with the virus quickly spreading to other parts of the world - including the UK, where WPP were affected.
So what can we do about it? How do we protect our companies, our personal files, the NHS and our country?
The Wanna Decryptor strain of ransomware was well-known in the community, and yet a simple update crippled the NHS, with a further update crippling one of the largest advertising agencies in the world, as well as Ukrainian servers. So how do we stop a third attack? How do you stop your business becoming targeted? Or even your home computer with personal files?
There are some steps to take to protect from ransomware.
As ransomware is usually put onto a computer system within an email or file, a user usually has to perform an action to infect the computer and allow the hacker access. So, the first line of defence is to not take that action.
• Do not open any unsolicited files
• Do not open any suspicious files
• Do not open any files that have not been scanned with antivirus software
• Do not click any links in emails you weren’t expecting
• Do not visit websites without valid SSL encryption
• Do not visit websites without HTTPS.
The second line of defence is your operating system. It may sound silly, but updating your operating system when new versions become available can help with the security of your system. The developers working on the software will build it to encompass new features and streamline user experience, but newer OS should also have updated firewall protection and may be less susceptible to known virus attacks.
Another thing to keep updated is your anti-virus software. It is imperative to have some anti-virus software, and the bigger your company, or more confidential your files, the more protection you need. With each updated version of anti-virus software, whether you use Norton, AVG, or another, the developers will be tweaking the program to detect and remove new threats that have been discovered since the last version became available. So, having an anti-virus or firewall program that’s two versions behind the most recent could mean the system won’t detect certain new threats.
IT professionals should routinely scan the computer network, and any breach should be investigated. All files should be scanned, your OS should be up to date and so should your anti-virus software.
Will this prevent more attacks?
Some believe that the enormity of the attack on the NHS was partly due to the older OS the system is run on, and that more up-to-date protection may have minimised the damage. However, ransomware attacks do still happen, and the best way to make sure they don’t keep happening is to train all employees on cyber security measures and have trained IT professionals to point out weaknesses in the system so that they can be strengthened.
247 Investigations strongly believe in the importance of your right to privacy, which is why we have a new and improved encryption certificate to protect your data.
If you’d like more information on cyber security, please check out our other posts at https://247investigations.co/blog/index.php