A ransomware attack hit UK’s National Health Service (NHS) leaving the healthcare system without access to patient health records. The attack spread to over 90 countries within days. The hackers demanded the health system pay £415,000 by May 19th in exchange for a decryption code.
Excerpt: “The National Health Service in England and Scotland was hit by a large ransomware attack that has affected at least 16 of its organizations, NHS Digital announced this morning.
“The attackers are asking for 415,000 pounds, or about $534,146, before May 19 or the hackers will delete the files, according to MetroUK.
“The attack has crippled the health system’s ability to treat patients, according to BBC News. Hospital staff are unable to access patient data. Further, ambulances are being diverted and patients are being warned to avoid some departments.
“Security firm Kaspersky Labs discovered more than 74 countries have been hit with this ransomware in the last 10 hours. The security team has confirmed attacks in Russia, Ukraine and India.
“‘We are aware that a number of NHS organizations have reported that they have suffered from a ransomware attack,’ said UK Prime Minister Theresa May in a statement. ‘This is not targeted at the NHS, it’s an international attack and a number of countries and organizations have been affected.’
“‘The National Cyber Security Centre is working closely with NHS digital to ensure that they support the organizations concerned and that they protect patient safety,’ she continued.”
“The organization launched an investigation and determined the ransomware is likely the Wanna Decrytor. It’s one of the most effective ransomware variants on the dark web, and at the moment, there is no decryptor available.
“Officials said the attack didn’t specifically target the agency and that organizations from other sectors have been hit, as well.
“‘At this stage we do not have any evidence that patient data has been accessed,’ officials said in a statement.”
Source: Healthcare IT News
WBB Take: Routine quality inspections and reviews of processes can reduce the risk of information security breaches by including patch levels as an inspection item. A key aspect of quality improvement is to ensure that repeatable processes are documented, executed, and reviewed to ensure that operations are reliable and have the desired outcomes. While often forgotten in quality assessments, ongoing maintenance of “machines” is a critical component in modern healthcare.
As a result of the attack, many Trusts were forced to divert low-acuity cases, and some Trusts made public appeals on social media for the public to use the hospitals only in emergencies. The ransomware attack exploited a vulnerability in unpatched Microsoft software, and rapidly spread within and between NHS Trusts before being contained. The vulnerability of key patient record systems in the NHS was due to outdated patch levels, and insufficiently effective processes to update key systems in a timely fashion.
Cited by Rachel Condy