On 13th May 2017, the NHS, and tens of thousands of other computer users were hit by a global ransomware attack that rendered them unable to use their devices or access the internet. These attacks are part of a newer trend within internet crime called “ransomware”.
But what is this new style of attack, and how is it different to the usual email spam that we’re all so used to? Above all else, why was the NHS so vulnerable to such an attack?
Ransomware, and the strain used specifically in May’s attacks – a program called WannaCry – infects a user’s computer and encrypts their personal files, meaning that they are completely unable to do anything with their device, including access their documents or use the web browser. The software then displays a chilling message demanding payment (many of the reported “ransoms” were in the region of $200 per device) to unlock the device and allow the user to access their files once more.
How does ransomware infect a computer? Like many computer viruses, the malicious code can replicate and spread itself among networked computers, hiding in dodgy email attachments (much like the general email spam we receive every day), causing untold havoc within large organisations that rely on vast computer infrastructure; such as the NHS.
Why was the NHS so vulnerable? Annoyingly, much of the NHS uses an outdated operating system, Windows XP. First released in 2001, this version of Microsoft’s flagship operating system became one of the most successful software releases of all time, appearing to power every computer in sight. Of course, operating system updates kept this version of the software secure for users that didn’t upgrade to subsequent Vista, 7, 8, 8.1 or 10 versions of Windows. The cost of upgrading this operating system across the entire NHS would have been enormous, and as a result, it was forgone, with much of the service opting to take advantage of Microsoft’s decision to offer extended support for the OS up to 2014. That would, in theory, keep Windows XP updated with fixes to prevent more modern and complex computer viruses and malware from infecting the devices.
Of course, when this extended support ended in 2014 (five years after the mainstream support for the system ended), much of the NHS began to upgrade their computer systems – a very time consuming and expensive process.
This strain of ransomware could exploit vulnerabilities in these remaining devices operating on Windows XP, and was able to spread itself rapidly throughout the network, causing the widespread outage.
How would users be able to keep themselves protected from this sort of attack? In simple – back up! Having a copy of your most important files on a cloud storage device, or external USB storage system means that the hackers cannot hold your data to ransom, as you have a spare and safe copy. Also – a good practice would be to frequently update your operating system and anti-virus software; although it can be time-consuming, some of the most important benefits of doing so go far beyond the obvious new features, many of them are keeping you and your data safe from viruses. These practices should keep you safe from many types of virus, spread over network or within general internet spam.
Furthermore, it is always crucial to avoid clicking on, or opening attachments in, any emails that you don’t completely trust. MailCleaner makes it easy to filter out malicious emails before they reach members of your team, making it much harder for viruses such as this to spread.