NHS Hit by Ransomware Attack

The National Health Service has been hit with a targeted wave of ransomware. The Wanna Ransomware [WannaCry] is believed to be the strain of malware used.

Many GP Surgeries, walk-in centers and hospitals have been affected, suspending computer based activity until resolved.

The critical files of the hospital and trusts have been encrypted therefore are completely unrecoverable until the $300 ransom is paid for each PC.

The WCry Ransomware enters the organisation via a malicious document the payload is delivered via a macro enabled word document.

Ransom costs could total hundreds of thousands of pounds, although the damages due to downtime could cost millions. Machines will be offline until ransom is paid or recent backups are restored. The procedure of restoring backups could take days and drastically inhibit operations.

Ransomware is of growing concern for large organisations, contact us today to discuss preventative strategies with one of our experts.

Mitigations

• Ensure employees are aware of Ransomware and its dangers, through regular training & Phishing campaigns.
• Train employees to question the validity of emails and to not open suspicious unexpected attachments.
• Disable Macro scripts within Microsoft Office.
• Manage the distribution of privileged accounts. Only use administrative accounts when absolutely necessary.
• Have a robust and frequent data Backup strategy in place. Ensure backup data isn’t attached to the network. Always keep a backup offsite and offline.
• Rename sensitive file extensions to something unique [.doc to .file] This will prevent ransomware from encrypting the document.