Latest Cyber Attack Hits NHS

May 13, 2017
Colin Prime-Moore

A massive cyber-attack took hold and quickly spread on Friday, with over 75,000 variants of the ransomware known as WannaCry across the world (reported by cyber-security firm Avast), including in countries such as Russia and China. Amongst the worst hit were NHS England and Scotland in the UK. Clinicians quickly reported that computers were rapidly going down across hospitals, causing chaos to crucial IT systems; in some cases operations were cancelled and A&E was severely affected. Some of the worst affected trusts have declared this a major incident.

The ransomware seems to be deployed via a worm, a program that spreads by itself between computers. Most other malicious programs rely on humans to spread, tricking them into clicking on an attachment containing the attack code. However, once WannaCry is inside an organisation it will hunt down vulnerable machines and infect them too. As healthcare trusts have a much higher dependency on legacy systems (e.g. Windows XP and Windows Server 2003), the ransomware found easy targets and vulnerabilities to exploit in the NHS.

A patch for the vulnerability was released by Microsoft in March, which would have automatically protected those computers with Windows Update enabled. Microsoft said on Friday it would roll out the update to users of legacy operating systems “that no longer receive mainstream support”, such as Windows XP, Windows 8 and Windows Server 2003.

Recommendation: NHS Trusts need to urgently apply the patch MS17-010 to remain protected from this outbreak. Longer term, this demonstrates the need to stay updated, fully patched and on the latest version of the operating system. Not all outbreaks are caused by human intervention; WannaCry automatically exploits vulnerabilities that already exist. Moving to Microsoft Windows 10 is achievable for NHS trusts and, with the advancements in Windows Update, is something that would have protected trusts against this threat.