Last week, the NHS saw one of the biggest cyber-attacks to date, encrypting over 230,000 computers in almost 150 countries. Although the attack was stopped, the ransomware was able to drastically impact the operation of many NHS Trusts, including GP surgeries, hospitals and more. There is no denying that the rapidly spreading WannaCry has shaped the future of cyber-security across the world, but the question is knowing what we know now, what could have been done to prevent the attack and how can we ensure we are protected in the future?
What is WannaCry?
WannaCry (or WannaCrypt) is a ransomware programme that targets Microsoft’s Windows operating system, usually infecting computers through a phishing email or by targeting vulnerabilities in unpatched systems as a computer worm. Although it is not clear who was behind this attack, the ransomware encrypts data on the computer, demanding ransom payments in the form of cryptocurrency Bitcoin, which can be incredibly difficult to track.
What can be done to prevent ransomware attacks like this?
Investigations suggest that the WannaCry ransomware software first entered NHS systems through a vulnerability in the outdated Windows XP operating system, of which Microsoft ended official support in 2014. These means that computers still operating on Windows XP or early Windows Server operating systems did not receive the recent patch that was released for current operating systems, which could have prevented the wide-spread infection.
Microsoft has since taken steps to prevent the spread of the malware by releasing a fix for versions of Windows that it had previously retired, including the once highly popular Windows XP. It seems that this vulnerability served as the main entry point for the ransomware, suggesting that, had the systems been kept up to date and had the proper security software in place, the breach could have been avoided.
Learning from the attack
In light of the attack, the NHS are working with cyber-security firms to increase their cyber-security and remove vulnerabilities like this to prevent future attacks. Microsoft have also taken steps to protect all users against threats by releasing updates for the majority of current and retired systems which removes this fatal flaw, but they advise that all users take extreme caution with emails from an unknown sender, especially those containing suspicious documents or links. The best practise is to protect your computer with an up-to-date antivirus, and making sure that your computer is running the latest version of a supported operating system.
Protecting your business
If you’re in a business environment, the best option is to consult a cyber-security expert who will be able to work with you to establish security procedures and implement protection software, backed up by a secure back-up solution to ensure that you are protected in the event of a disaster.
To find out more, visit our website here or speak to a member of our cyber-security team on 0207 653 9780.