NHS Ransomware Attack: A Look Back
1st August 2017

With the WannaCry crisis over, we take a look at exactly what happened and how it could have been prevented.

What happened?

In May 2017, the UK’s National Health Service was brought to a halt by malicious software which locked up its computer systems.

At least 16 local NHS services around the company were affected. As a result, patients were turned away from appointments, emergency patients had to be diverted to other hospitals, and in some cases surgeries had to be postponed, with GPs resorting to pen and paper.

What sort of attack was it?

Known as WannaCry, or WanaCrypt0r2.0, it was a ransomware attack which simultaneously affected large companies in over 150 countries. The bug worked by locking up all the files on an infected PC and encrypting them, meaning they could not be accessed.

A message demanded bitcoins, a type of online currency, in return for the files, and threatened permanent deletion.

How did hackers access systems?

This virus exploits a vulnerability in a Microsoft operating system. A patch had actually been released to fix the weakness in March, but it was not installed on all PCs, possibly due to outdated computers and funding issues. Once it had infected a single PC, it spread between computers using local networks.

What can my business do to prevent similar attacks?

Prevention is the best form of defence. If all your information is backed up daily, the threat of deleted files shouldn’t worry you too much. If you only have one copy, however, you may be in trouble. Make sure you back up all your files regularly.

As in the case of WannaCry, the infected PCs had not been updated. Don’t ignore those pesky pop-ups telling you to update your computer, as they often contain patches to fix known issues.

Finally, be wary of opening emails and links from unknown or unusual-looking senders. If you become the victim of a ransomware attack, official advice is not to pay up, as there is no guarantee you will receive your files back. Advanced anti-virus software can remove the virus, as can putting a PC into “safe mode” and removing infected files.

If you are concerned about your potential exposure, please contact us on 01442 286910 or info@eicinsurance.co.uk about dedicated cyber liability insurance, which can help your business recover from a cyber attack or data loss.

Recent Articles
8th August 2022
30th June 2022
23rd September 2020
Ready to find out more? Call us on 01442 286910

Make an enquiry

Let us know your needs and we’ll be in touch shortly.

    * Required. Please do not submit any sensitive data. A member of our team will get back to you on the same working day