
What the NHS cyberattack means for your business

Posted by Carl Davies on 13-May-2017

The NHS has engineers working around the clock right now, to tackle an unprecedented cyberattack.

The ransomware "WannaCry" (the name has several variants) took down NHS systems and hit organisations across 99 countries, spreading rapidly since yesterday afternoon.

The BBC stated about 40 NHS organisations and some medical practices were hit, with operations and appointments cancelled.

WHAT WAS THE ATTACK?

 

NHS Trusts, GP surgeries and hospitals across the UK were affected. They included hospitals in London, Blackburn, Nottingham, Cumbria and Hertfordshire, as well as Liverpool and Greater Manchester. 

NHS England declared a major incident response. NHS Digital called on the National Cyber Security Centre, the Department of Health and NHS England to support organisations and recommend appropriate mitigations.

There's no evidence that patient data has been accessed.

IT systems were shut down in order to protect them, which meant that all systems were offline and hospitals were unable to accept incoming calls.

“To ensure that all back-up processes and procedures were put in place quickly, the trust declared a major internal incident to make sure that patients already in the trust’s hospitals continued to receive the care they need,” an NHS Trust spokesperson said.

Barts Health Trust, the largest NHS trust in England, was hit by a ransomware cyber attack in January.

 

WHY DID IT HAPPEN TO THE NHS?

The crisis reflects weaknesses in the NHS systems.

A Freedom of Information request found that NHS Trusts still use Microsoft Windows XP, an unsupported operating system that has not received security updates for years.

But NHS Digital said this was speculation. "We can confirm that the number of devices within the NHS that reportedly use XP has fallen to 4.7%, with this figure continuing to decrease."

The attack appeared to exploit a weakness highlighted in secret CIA documents released by WikiLeaks in March, according to Ross Anderson, a Cambridge University computer security expert.

The publication of those documents led Microsoft to issue a "critical" software patch to close the loophole. However, the NHS might not have installed this patch last month. These factors could apply to all other organisations affected.

 

HOW VULNERABLE ARE YOU TO ATTACK?

Ransomware is malicious software that installs code onto every device throughout a network. The software is normally contained in an attachment or link in an email that masquerades as something innocent.

Once opened, the program locks the device and encrypts your data, then demands a ransom to unlock it: in this case, $300 in bitcoin (£230).

The best defence against ransomware is a layered defence. Anti-virus software protects the device from outside attacks, patched operating systems ensure the latest loopholes are closed, off-machine backups ensure you are not at the mercy of ransoms, and informed users are crucial. If one of these defences fails, you can rely on the others. If one machine gets infected, you can shut down the machine and stop the spread of malware across the network.

Informed users are a vital part of the defence. Your employees need to know your security plan and the role they play in reducing risks and, in the event of a breach, in stopping the widespread impact. Hackers develop increasingly sophisticated methods to get into the network.

The best operating system can’t protect your network when employees are tricked into running software via links and downloads from innocuous emails or other sharing tools.

Often, we only think about the actual shutdown and loss caused by the attack; we do not reflect on the longer-term business impact, such as:

  • Theft of financial information
  • Internal disruption
  • Loss of trust
  • Financial penalties
  • IT costs

It is impossible for any business to be 100% secure. However, it is essential that businesses not only have a security solution in place to reduce the risk, but also have an appropriate plan in place to address breaches if or when they occur.

 

WHAT SHOULD YOU DO IF YOU ARE ATTACKED?

In the event of an attack, the standard response is to shut down all computers and shut off the connection to the wider network.

Dr Chris Mimnagh, a GP in Liverpool, said his surgery “severed links” to the wider NHS network as a precaution.

He said: “Unable to access our clinical system – as a precaution our area has severed links to the wider NHS, which means no access to our national systems, no computers means no records, no prescriptions, no results, we are dealing with urgent problems only, our patients are being very understanding so far.”

This only highlights the vulnerability of shared networks and organisations. Constant development of cybersecurity measures is absolutely essential to ward off increasingly sophisticated and targeted attacks.

Organisations need the right level of technical expertise and resources for their needs.

 


Topics: Cybersecurity
