cyber security lessons from the NHS cyber attack

In May the UK fell victim to perhaps its most high profile and damaging cyber-attack to date. NHS hospitals across the country were hit badly by the attack that caused a crippling in NHS services and brought health service to a halt in all those that were affected. A weekend of chaos commenced as hackers demanded ransom in order to free the infiltrated computers and regain access to vital medical records. Doctors warned that the attack would cost lives and cyber security professionals called it the biggest ransom ware outbreak in history.

Inadequate Cyber Security Measures

The key question here is why were the NHS computers not protected against malware? According to the press, hospital trusts in England were sent details of a security patch that could have prevented the attack but it was not enforced so many hospitals remained unprotected. It also transpired that 90% of NHS trusts in the UK use Windows XP- a 16 year old operating system that isn’t strong enough to protect against the intelligence of cyber invaders. Security experts noted that computers using an operating software introduced before 2007 were particularly vulnerable, confirming that this out dated system was partially responsible for the attack.

Inability to Deal With Ransomware

Ransomware is the most common type of cyber attack that affects businesses and individuals. It involves hackers taking control of a computer or a mobile device and demanding payment before the device is returned to its original operating condition. Once ransomware has infiltrated a system, it spreads rapidly across networks and locks files as it goes. All access to files is blocked until ransom is paid. These types of attacks can have a devastating impact, from losing precious personal data to shutting down hospital services in the middle of emergency procedures as exemplified by the NHS. The way to stop ransomware from taking hold is to invest in preventative measures. This is where an effective cyber security strategy comes in. There are many steps organisations have to take to safeguard their data against ransomware; the key is to learn them and implement.

Thankfully, nothing unfixable came from the NHS cyber-attack, but do you want to run the same risk? Sign your employees up to a cyber-resilience course to give yourself peace of mind that your data is secure; contact one of our cyber security specialists here for more information or to enrol.