Phone: +613 9415 6320

Rock IT

1st day of Hackmas

First day of Hackmas: The NHS ransomware attack that shook the world

The NHS cyber attack – the biggest randomware offensive in history and the event that brought Cybersecurity to the forefront of everyone’s minds.

This attack impacted a lot of National Health Scheme hospitals in England in May of 2017. And although the NHS was the most talked about victim, the attack actually affected many other countries.

Could this attack have been prevented?

Based on reports, the NHS were notified that they needed to upgrade certain key systems to close a security hole in Windows XP.

“£1.9bn had been set aside for UK cyber-protection – when cyber-attacks were identified as one of three main threats to the UK’s defences.

We’re spending around £50m on the NHS cyber systems to improve their security. We have encouraged NHS trusts across the country to reduce their exposure to the weakest system, the Windows XP.” – English Defence Secretary Michael Fallon

Microsoft stopped supporting Windows XP in 2014, meaning they were no longer rolling out security patches for an Operating System that was a then 15 year old system.

The Guardian reported that 90% of NHS trusts were using Windows XP at the time of the attack. Get your head around that! 90% of the NHS hospital system, that included life saving equipment, was running on obsolete computer systems that were not supported and obviously vulnerable to attack.

Globally, more than 300,000 computers were infected with the “WannaCry” ransomware and in Britain it was the NHS that was the worst hit.

Staff at these health service organisations were forced to revert to pen and paper, and use their own private computers and mobile phones – as the attack affected their telephone systems as well.

Patients were turned away from hospitals and doctor’s surgeries in parts of England as the organisations were left to deal with the ransomware which encrypted data on their computers and demanded payments of $300 to $600 to restore data.

How could this have been prevented?

  1. Don’t use obsolete equipment (Microsoft subsequently rolled out a patch for the old Operating System)
  2. Backup your data and get a Disaster Recovery Plan (ransomware is ineffective if you can simply restore your files from a recent backup)

Read more here.