On Friday 12th May a strain of ransomware called WannaCry took the world by storm affecting more than 200,000 systems globally. The aftermath of this ransomware pandemic is still ongoing with many NHS patients still facing cancelled appointments and operations even days after the hack.
What is WannaCry?
WannaCry is a strain of ransomware which encrypts files on a user’s computer rendering them inaccessible. To retrieve the files a ransom of $300 in bitcoins must be paid. If you fail to make the payment within three days it increases to $600. If you still fail to make the payment after one week, all encrypted files will be deleted and you will be unable to access your data.
Who has WannaCry affected?
While the most high profile victim of this damaging hack is the NHS, one of Spain’s largest organisations Telefónica was also infected by the harmful malware. With 340 million customers and a wealth of sensitive data, it is of no surprise that this telecommunications company was a target of such an attack. Other countries heavily targeted by WannaCry include: Russia, India, Ukraine and Taiwan.
Most notably for the UK, the NHS once again made headlines after becoming a victim of the biggest outbreak of ransomware in history. While they were not able to see the true scale of damage caused until Monday morning, not only did they have to worry about desktops with sensitive patient data but also about lifesaving equipment like heart monitors.
Over the past few days GP’s, clinics and hospitals have had trouble accessing patient records, appointment schedules and phone systems.
Amber Rudd, the home secretary, would not confirm whether they had backed up patient data but she was assured that the NHS would upgrade software immediately.
While Microsoft had released a software update that fixes the problem in March. Despite being warned by NHS Digital, many of the trusts still failed to update the patch leaving them vulnerable to infection. Shockingly, late last year it was also reported that many NHS trusts were using a version of Windows which had stopped providing security updates in April 2014.
Our recommendations:
At Equilibrium we still believe that when it comes to protecting your organisation, security solutions cannot be looked at in isolation. You must look at people, processes and the technical infrastructure you implement; the below are recommendations that relate directly to the ‘WannaCry’ attack:
- Patch Management – apply manufacturer software updates as soon as possible
- Don’t run out of date/unsupported manufacturer systems
- Implement advanced security systems – that can undertake advanced malware analysis and incorporate Intrusion Protection Systems
- Regularly back your data up – so that if you are impacted, you have a roll back point
It is important to keep up to date on the latest guidance from the NCSC, for some guidance on Ransomware please follow the link following link.
In the wake of the WannaCry ransomware attack, I appeared on BBC Radio Stoke and BBC Radio WM. Please take a listen to hear my tips on how to protect your networks from ransomware and other cyber threats: here.
If you have any concerns about the your security, or would like to discuss how you can keep your data safe from such attacks please do not hesitate to get in touch, you can call the office on 0121 663 0055.
If you would like to find out more about our service Ransomware Protect and sign up for your 14 day free trial please head to our webpage.