NHS ransomware revelation: a reality check up

Of the 60 NHS Trusts that responded to the FOI request, 31 withheld the information – with many citing patient confidentiality.

But of the 29 NHS Trusts that did share the information, 28 of them (97%) confirmed they had suffered a ransomware attack in the last 12 months.

Ransomware attacks on public infrastructures have been rife throughout the UK and USA in recent years and it begs the question as to why solutions to these attacks haven’t been developed and implemented.

Emily Orton, director at Darktrace comments: Automated attacks are always going to be very difficult to defend against. As we start to see AI attacks in the future, this is only going to get harder. The best way to deal with this continual challenge is by implementing ‘immune system’ defences within the organisation, not just trying to protect the border.

>See also: Ransomware on the rise

AI cyber security technologies that can begin to automatically heal infected systems immediately after an attack will provide some remedy for the cyber attack pandemic.

However, Orton is less optimistic and suggests “the recent wave of ransomware marks the beginning of a new era of automated attacks. No security team can possibly keep up with their speed”.

So what can be done? Jonathan Lee, UK healthcare sector manager at Sophos has provided Information Age with how to prevent, or at least reduce the impact of impending ransomware attacks.

Backup regularly

There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete.

Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.

Don’t enable macros

Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure.

A lot of malware infections rely on persuading you to turn macros back on, so don’t do it.

>See also: 97% of NHS Trusts have suffered a ransomware attack in the last 12 months

Be cautious about unsolicited attachments

The crooks are relying on the dilemma that you shouldn’t open a document until you are sure it’s one you want, but you can’t tell if it’s one you want until you open it. If in doubt, leave it out.

Don’t give yourself more login power than you need

Most importantly, don’t stay logged in as an administrator any longer than is strictly necessary, and avoid browsing, opening documents or other “regular work” activities while you have administrator rights.

Consider installing the Microsoft Office viewers

These viewer applications let you see what documents look like without opening them in Word or Excel itself. In particular, the viewer software doesn’t support macros at all, so you can’t enable macros by mistake.

>See also: What can be done to better manage big data in the healthcare sector?

Patch early, patch often

Malware that doesn’t come in via document macros often relies on security bugs in popular applications, including Office, your browser, Flash and more. The sooner you patch, the fewer open holes remain for the crooks to exploit.

Keep informed about new security features added to your business applications

For example, Office 2016 now includes a control called “Block macros from running in Office files from the internet” which helps protect you from external malicious content without stopping you using macros internally.

Open .JS files with Notepad by default

This helps protect against JavaScript borne malware by enabling you to identify the file type and spot suspicious files.

Show files with their extensions

Malware authors increasingly try to disguise the actual file extension to trick you into opening them. Avoid this by displaying files with their extensions at all times.

>See also: Mobile tech and the NHS: how to close the skills gap

These preventative measures are useful, but it is going to take autonomative technology being implemented into cyber security to see significant results in the battle against invading ransomware.

The recent information from the FOI report should be a massive reality check for the healthcare sector, and investment in new technology should be a priority.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Ransomware