Not the NHS! National Health Service Trust hit by cyber attack
NHS Trust hit by a severe IT security breach. Hospitals and GPs reportedly being held to ransom and people in certain areas across the UK are being advised not to go to A&E unless it’s a life threatening emergency.
The BBC explains “NHS services across England have been hit by IT failure, believed to be caused by a large scale cyber attack. GPs are resorting to using pen and paper, and phone and IT systems have been shut down.”
It’s thought that 16 hospitals across the UK have been affected. One NHS IT worker has commented “This is the largest outage of this nature I’ve seen in the six years I’ve been employed with the NHS.”
Read: the full BBC article on the NHS cyber attack
From initial reports it would appear as though the ransomware that was used to attack the NHS IT system is WannaCry, the same one that was used to hack Telefónica this morning. Internal systems of both companies have been affected; including archives and databases, intranet, networks, Windows operating systems.
Ransomware is a form of malware that basically locks the user out of their computer with the expectation that a payment is made to the attacker.
A twitter user and lecturer in IT security has tweeted about the similarities of the Bitcoin address used to get payments in both attacks.
The warning on workers’ computers says “Your important files are encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover your files without our decryption service.” And the hackers appear to be asking for £235 per computer which equates to 0.17 bicoins. Ransomware values usually increase over a period of time, for this attack and this particular ransom, the payment requested by the attackers will increase on 15 May 2017 at 14.57 – see image above – and if the ransom isn’t paid by 19 May 2017 at 14.57 all data will be deleted from the hospital databases.
This hack comes after another attack on Barts Health Trust systems with a similar ransomware four months ago and follows reports in March last year that NHS hospitals are ‘ripe and vulnerable targets’ for ransomware cyber attacks. Microsoft had also warned in March of this year about the threat of hackers reportedly exploiting a critical vulnerability.
In a statement, NHS Digital are said to be “working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected.”
Read: the full BBC article on the NHS cyber attack
What does this mean for you?
Cyber security experts are in high demand around the world and evidently much needed by all businesses big and small in order to prevent attacks and provide solutions when things do go wrong.
Get certified in a cyber security course such as the CEH certification – Certified Ethical Hacker, and learn the skills required to help organisations in the future protect themselves and the UK population from these huge and dangerous threats.
See also: Cyber insecure? The threat to businesses worsens
Who knows, in a few years time you could be working to secure the networks and internal systems of companies like the NHS and Telefónica.
