“It is the biggest ransomware attack ever” – Europol representative Jan Op Gen Oorth for The Washington Post.
Imagine waking up for heart surgery—after a ten-month waiting period—and going to the hospital only to realize you can’t undergo your treatment due to a worldwide ransomware hack. This is the reality of today’s volatile, connected world.
On Friday, May 12, a massive online attack—by the group “Shadow Brokers”—occurred across tens of thousands of computers, with more than 150 countries affected. The security flaw reported as the source of the attack, known as Wanna Decryptor, exploited a flaw in leaked NSA documents.
The malware began to spread Friday from Britain’s National Health Service due to a Windows vulnerability, forcing computer owners to pay money or risk data loss. Windows reportedly released a patch to fix vulnerabilities on or before March 14. However, the hack’s success shows that there were larger issues at play.
“Data released under the Freedom of Information Act in December suggested 90 per cent of NHS trusts are using outdated software Windows XP, which is 15 years old and has been branded ‘obsolete’, leaving systems more vulnerable to attacks,” says Ben Spender of Daily Mail UK.
What the Ransomware Crisis Means for Healthcare IT
This unfortunate incident is a reminder for individuals to keep devices, servers, and PC systems up to date, and serves as a lesson for policymakers to rethink current strategies. Take for instance the following debate from last December: tech companies and the FBI deliberated whether organizations should purposefully develop “back doors” for law enforcement usage.
“There is an overwhelming consensus in the technical community that even ostensibly ‘secure’ back doors put the systems into which they are incorporated at increased risk of outside attack and compromise,” said Matt Blaze, a cryptography scholar at the University of Pennsylvania.
The lesson is clear: Eventually, vulnerabilities will fall into the wrong hands and wreak havoc, no matter why they were executed. Healthcare organizations and their technology providers must be vigilant and work together to prevent weak infrastructures, develop and maintain security policies, train employees, and create policies that prevent cyber threats from escalating.
Protect Yourself from Ransomware Attacks
Security expert Rohyt Belani, the chief executive of PhishMe, an email security company, said the capabilities of this malware were different from previous attacks. “This is almost like the atom bomb of ransomware,” Mr. Belani said to the NY Times, adding that this attack “may be a sign of things to come.”
So how did this hack happen, and how did it spread so quickly?
The malware was distributed via email. Targets were sent an encrypted file that, once loaded, allowed the ransomware to infiltrate and go undetected by security systems until the victim opened the files. And once opened, the ransomware replicated across the network to the rest of the connected computers.
As with many crises, there’s a lot of finger pointing as to who’s to blame. Take this incident as a learning opportunity to improve your security measures for both personal and business use, and take accountability for the role you play in cyber security.
- Windows users, make sure to update your system to protect yourself against weaknesses. If you have not set up automatic updates, this is highly recommended.
- Turn off your computer at night when it’s not in use
- Use reputable anti-virus programs to remove malicious software from your computer
- Use firewalls
- Back up your computer systems regularly, and develop a comprehensive disaster recovery plan
- Train your team to be overly cautious about clicking links inside emails or using suspicious websites
- If you receive a ransom note, disconnect from the Internet
- Take the necessary steps to minimize the effects of the breach, such as investigating, reporting the incident, and either locking down or isolating unaffected systems.
An incident of this magnitude surely raises questions and sheds light on the state of cybersecurity. However, reports show that healthcare organizations are not investing (enough) in cyber security and are running on outdated systems. When will this change?
OnRamp has evaluated thousands of infrastructures and provided guidance on how to resolve security gaps. We specialize in high-tech security and compliance solutions for healthcare organizations and similar businesses with sensitive data. Learn more about our managed security services, and contact us to discuss your options.