Accessability Links
Job Search

Everything you need to know about the NHS cyber security attack

16 May 17 - 10:24AM  | Information Security
Everything you need to know about the NHS cyber security...On Friday (May 12th), a global cyber security attack hit the UK's NHS system, plunging the health service into chaos, with operations cancelled and medical practitioners prevented from accessing crucial patient information. 

The NHS was among the most high-profile victims of the breach, but it was by no means the only organisation to suffer. Reports suggest the attack hit at least 150 countries and Chinese authorities believe as many as one million individual terminals have been affected worldwide.

Let's take a closer look at the nature of the threat, how it unfolded and what organisations are doing to protect themselves from ongoing problems. 

What is WannaCry? 

WannaCry is the name given to the malicious software that has been infecting businesses, public sector agencies and other organisations worldwide over the last few days. 

It is a form of ransomware, which locks down IT systems and stops victims from using applications or accessing data. Last year, we highlighted how businesses may be unprepared for this type of threat and ransomware has ranked in numerous studies as a key cyber security risk in 2017.

According to the Financial Times (FT), hackers stole a tool called Eternal Blue from the US National Security Agency to "supercharge" an existing version of WannaCry that had already been used earlier in the year. 

While ransomware usually infects individual computers via email, the new WannaCry is able to spread laterally through networks of different organisations. The FT said Eternal Blue does this by enabling the malware to exploit file-sharing protocols. 

WannaCry locked users out of their files and demanded $300 (£230) to restore them. Organisations are told their data will be deleted within seven days if a payment isn't made. Figures from Elliptic Labs suggest only $50,000 had been paid as of 5pm on Monday (May 15th). 

Why was the NHS so badly hit?

While WannaCry has affected thousands of organisations across the globe, most of the media focus in the UK has centred on the NHS. 

The health service cancelled numerous operations and still hasn't recovered from the attack after bringing patient records offline in an effort to protect data. 

One of the reasons that the NHS was such an easy victim for ransomware is that some NHS trusts are still running Windows XP - an operating system that was launched more than 15 years ago. 

Mainstream support for Windows XP ended in 2009, while extended support stopped in 2014. That means many NHS IT networks are running on systems that are outdated and incapable of neutralising sophisticated threats.

Media reports suggest that prime minister Theresa May, acting as home secretary in 2015, failed to renew a £5.5 million contract with Microsoft to provide customised support for Windows XP. Meanwhile, trusts with more modern systems have allegedly been slow to perform routine updates. 

However, the NHS was just one of many well-known organisations to be struck down. Portugal Telecom, Nissan, Renault, Deutsche Bahn, and FedEx also confirmed their systems were hacked. 

How has the NHS countered the threat?

Cyber security experts have been working hard over the weekend to patch their systems and bring key infrastructure back online. 

According to the Daily Telegraph, health officials sent a patch to NHS IT staff on April 27th that would have protected them from the attack. Defence secretary Michael Fallon said the government is already investing £1.9 billion for cyber security protection in the UK. 

"We're spending around £50 million on the NHS cyber systems to improve their security. We have encouraged NHS trusts to reduce their exposure to the weakest system, the Windows XP," he explained.

"We warned them, and they were warned again in the spring. They were warned again of the threats."

The spread of WannaCry is thought to have been temporarily halted by a self-taught IT expert who accidentally activated a kill switch. Marcus Hutchins, a 22-year-old known as Malware Tech online, purchased a domain name hidden within the malware's code for just £8 that acted as an emergency stop on the spread of the virus. 

Mr Hutchins is now apparently working with the UK Government Communications Headquarters to prevent further attacks during this week. 

The aftermath of WannaCry 

While WannaCry remained a threat at time of writing, reports claim the spread of the malicious software was slowing down. 

Nevertheless, Mr Hutchins warned organisations that cyber criminals are likely working on new versions that don't have the same kill switch that enabled him to mitigate further infections. 

Anyone running Windows operating systems should be on high alert over the coming days for further developments. Users have been advised to install any security updates immediately and watch out for new patches that antivirus companies release to combat the threat. 

Given the scale of the incident and resulting media coverage, many organisations are likely to evaluate their current cyber security prevention measures and consider strengthening IT and security teams. 

Our 2017 Market Report combines our review of the prevailing conditions in the security & resilience recruitment market together with the results of our latest employer survey.

Image: Marbury via iStockADNFCR-1684-ID-801835870-ADNFCR
Related headlines
Teens set to receive cyber security training to plug skills gap
Teens set to receive cyber security training to plug skills gap
16-08-2017 Skills shortages have been a common topic in the cybersecurity world over the last few years. We recently covered the...
Accenture unveils digital and cyber security hiring spree
Accenture unveils digital and cyber security hiring spree
04-08-2017 Accenture has significantly strengthened its UK workforce, with the consultancy recruiting approximately 1,700 new staff...
How big is the UK's cyber security skills gap?
How big is the UK's cyber security skills gap?
31-07-2017 It will hardly come as a surprise to many of our readers that the UK is suffering from a cyber security skills shortage....


Search More News
Open the calendar popup.
Open the calendar popup.

News Archive
August, 2017 (6)
July, 2017 (7)
June, 2017 (5)
May, 2017 (8)
April, 2017 (6)
March, 2017 (8)
February, 2017 (8)
January, 2017 (5)
December, 2016 (4)
November, 2016 (5)
October, 2016 (5)
September, 2016 (5)
August, 2016 (4)
July, 2016 (5)
June, 2016 (5)
May, 2016 (3)
April, 2016 (5)
March, 2016 (4)
February, 2016 (9)
January, 2016 (7)
December, 2015 (8)
November, 2015 (5)
October, 2015 (5)
September, 2015 (5)
August, 2015 (1)
July, 2015 (4)
June, 2015 (7)
May, 2015 (7)
April, 2015 (7)
March, 2015 (10)
February, 2015 (11)
January, 2015 (2)
December, 2014 (21)
November, 2014 (25)
October, 2014 (23)
September, 2014 (25)
August, 2014 (20)
July, 2014 (23)
June, 2014 (33)
May, 2014 (34)
April, 2014 (34)
March, 2014 (34)
February, 2014 (34)
January, 2014 (36)
December, 2013 (33)
November, 2013 (34)
October, 2013 (34)
September, 2013 (34)
August, 2013 (34)
July, 2013 (33)
June, 2013 (34)
May, 2013 (30)
April, 2013 (37)
March, 2013 (38)
February, 2013 (30)
January, 2013 (34)
December, 2012 (28)
November, 2012 (37)
October, 2012 (15)
March, 2012 (31)
February, 2012 (25)
February, 2011 (59)
January, 2011 (58)
December, 2010 (61)
November, 2010 (40)
October, 2010 (40)
September, 2010 (59)
August, 2010 (39)
July, 2010 (40)
June, 2010 (38)
May, 2010 (38)
April, 2010 (38)
March, 2010 (38)
February, 2010 (40)
January, 2010 (41)
December, 2009 (40)
November, 2009 (39)
October, 2009 (42)
September, 2009 (37)
August, 2009 (38)
July, 2009 (39)
June, 2009 (41)
May, 2009 (37)
April, 2009 (40)
March, 2009 (51)
February, 2009 (50)
January, 2009 (48)
December, 2008 (50)
November, 2008 (54)
October, 2008 (50)
September, 2008 (58)
August, 2008 (60)
July, 2008 (15)
 
Alex JozsaIT Audit
London
Andrew WhyteManager, Interim Solutions, Internal Audit
London
Daniel ClosePresident
New York
David HornsbyDirector, Banking & FS Internal Audit
London
David JarroldRegional Internal Audit, Risk & Control
London
Erin LeaderVP – Business Internal Audit
New York
Gabriel MooreConsultant
London
Gareth CarpenterRegional Director – Americas
New York
Hannah RussellAudit
London
Irma BoulderstoneBanking & FS Internal Audit
London
Russell BunkerAudit, Info Security & Technology Risk
Singapore
Steven DriverInternal Audit, Risk & Control
London
Tim SandwellDirector, Europe & Middle East
London
Vickie ChanAssociate – Internal Audit
New York
William WilcoxVice President
New York