Last week’s large-scale ransomware infection is a sign of the escalating challenges facing cybersecurity. In the biggest ransomware outbreak so far, over 100.000 computers are believed to have been infected from Russia to Taiwan, including in institutions such as the NHS, Telefonica, FedEx, and Deutsche Bahn.
The ransomware is a variation of Wana Decryptor, which emerged two weeks ago. It attributed to a Windows vulnerability which hasn’t been patched across all systems.
Incident Director Dr. Anne Rainsberry said:
“We have been working with 47 organisations providing urgent and emergency care who have been infected to varying degrees.
“If you have a hospital appointment you should still attend unless you are contacted and told not to.
“We have also been offering advice and assistance to GP surgeries, who will open as usual.
“Again, if you have an appointment you should still attend unless contacted and told not to.
“People should continue to use the NHS wisely and remember that they can seek help and advice from a range of other sources, such as pharmacies.
“Bearing in mind the impact of the global cyber attack, I would urge people to be patient with staff.”
While the attack was stopped in its tracks, a kill-switch was found and activated by a cybersecurity researcher known as MalwareTech., The kill-switch doesn’t decrypt the files that are already lost, and it doesn’t appear that the encryption has its own flaw.
Last year, the NHS was revealed to have thousands of computers still running on Windows XP, which hasn’t been supported by Microsoft since 2014. The failure to update operating systems and applications is another key factor to the ransomware infection in the UK.
Given the high-profile nature of this vulnerability, Microsoft has released a security patch for its older systems to protect them.
Frost & Sullivan, A business consultancy said:
” Businesses need to invest heavily to match the growing threat of cybercriminal activity, in each of technology, internal security personnel and training of general staff to identify and avoid threats.”