NHS Cyber Attack – A Sign of the Times
What Happened?
This may seem only relevant if you were affected but you will see, this sort of attack is very common.
The NSA lost a lot of information in 2016 that related to tools that may or may not have been for espionage or just for computercyber Germany spying on individuals.
A group called The Shadow Brokers managed to steal complete toolkits that they later released online. Embarrassing as this was for the NSA, they should have moved quicker to educate the providers of systems that could have been attacked with this toolkit. Should they have provided solutions as well? From an ethical view point I would say yes.
One of the tools stolen was linked to a Zero Day Vulnerability that would allow malicious code to be executed.
Microsoft usually releases updates on what has become known as Update Tuesday, but broke with tradition on Friday 5th April 2017 when it released an emergency update.
On Wednesday 10th April the National Health Service (NHS) in the UK was one of hundreds of organizations globally that suffered a Ransomware Attack. The attack affected Hospital Trusts in England resulting in cancelled appointments and cancelled operations due to the inability of staff to access patient records.
In fact, the NHS went into panic mode; turning off computers across the country to prevent the spread of the malware.
Lets be fair here, although the NHS was affected, so were millions of other computer systems, maybe even one of your computers.
So why did this happen? Lets focus on one very important piece of information that came to light quite quickly; the ransomware was particularly useful when used in conjunction with an attack vector that focused on attacking older operating systems such Windows XP and Windows 7.
Unsupported Operating Systems