NHS Ransomware Attack
Updated: Mar 8, 2020
The malware “WannaCry” swept the globe on March 12th 2017, leading to a global cyberattack that infected computers in 150 countries. The attack damaged large organisations such as FedEx, Deutsche Bahn, and Honda. Russia, Ukraine, India, and Taiwan were among those that were hit the worst. In Britain, the most damage was done to the NHS.
The WannaCry ransomware worked in the following way:
It first gained access to the network through vulnerabilities in Microsoft Windows.
It spread and replicated itself through corporate networks.
The ransomware then locked up and encrypted files so that the user could no longer access them.
A ransom of £300 needed to be paid to get them back; this money had to be transferred in bitcoins to the address the hackers had specified.
Due to the data-dependent nature of the NHS, this attack proved devastating. It led to a total cost of £92 million - £20 million during the attack week and around £72 million in the aftermath, in order to restore the computer systems. 200,000 computers were attacked, forcing 19,000 appointments to be cancelled. Doctors and nurses had to use pen and paper or their personal phones after being locked out of their computer systems.
The hackers thought to be behind this were a cyber gang called “Shadow Brokers”. The technology behind the WannaCry ransomware was stolen from the NSA (National Security Agency) where it was being developed to use against terrorists. This tool was called “Eternal Blue” and gave full access to all Microsoft Windows computers. This access allowed the gang to plant the ransomware in all Microsoft Windows devices. Microsoft has since patched up and protected users against the “Eternal Blue” tool.
Despite the extensive damage done to the NHS systems, it highlighted nationally the importance of cybersecurity as well as how destructive and expensive a cyberattack can be. The chair of PAC (the Public Accounts Committee, responsible for the Government's spending), Meg Hillier, said:
"The extensive disruption caused by WannaCry laid bare serious vulnerabilities in the cyber-security and response plans of the NHS.”
In a technology-driven world, where the value of data had now exceeded that of oil, data has become both fundamental and vulnerable. Even though the NHS lost millions of pounds, the damage done could have been more severe had the intentions been anything but monetary. The NHS holds personal data for millions, data such as medical history, previous treatments, and allergies. This is the data that saves lives. The expanding possibilities of technology make the next cybercrime even more unpredictable, and the stakes even higher. Important lessons are to be learned from WannaCry and more crucially, enough protection has to be put into place by large establishments such as the NHS.