A massive ransomware attack targeted around 100 countries around the world. Perhaps one of the most affected is Britain’s National Health Service (NHA), where many hospitals struggled to keep up without their computers.
Friday, May 12, saw a cyberattack of global proportions when a ransomware popped up in computers across the globe. Multiple companies, organizations, and hospitals were unprepared to receive a message with a timer, stating that their files would be lost if they fail to pay before the clock runs out.
The ransomware is said to be taken from a program developed by the U.S. National Security Agency.
UK Health Services Targeted
The hardest hit in Friday’s attack were UK hospitals that had to revert to using pens, paper, and the staff’s own mobile phones to tend to their patients.
Hospitals in UK started having problems with their computers early in the afternoon, when staff started getting notices to unplug network cables and phones and were told of the possibility of having all their data wiped out unless they pay $300 to $600 in bitcoins.
Because of the cyberattack, citizens were advised to avoid going to local hospitals except for emergencies, as even ambulance schedules were in disarray, and hospital schedules were in chaos.
NHA released statements regarding the incident, confirming multiple reports of the attack and stating that the NHA was not specifically targeted but was targeted along with other companies. Further, they state that they do not have the evidence that patient data was affected in the attack.
In another statement that was more direct, NHS Incident Director Dr. Anne Rainsberry reassured patients that in cases of emergency, hospital staff will still be able to provide their services normally and that hospital staff will be ready to provide for their needs.
“More widely we ask people to use the NHS wisely while we deal with this major incident which is still ongoing,” said Dr. Rainsberry in the statement.
NHS Ignored Warnings?
Reports are now surfacing that perhaps the attack could have been prevented, at least in the NHA, if only they installed updates to their security system. As it turns out, the NHS currently uses outdated Windows XP and failed to upgrade to a newer version or even install the Microsoft-released patches that could have prevented the attack or at least lessened its effect.
Instead, the simple update that could have prevented the attack left them vulnerable to security breaches.
Medical Industry Vulnerable To Data Breaches
Just before 2016 ended, the FDA set new guidelines for cybersecurity when it comes to medical devices. The guidelines focused on working with hospitals and medical manufacturers to ensure the safety and security of their patients’ data.
Even before this latest cyberattack, hospitals have been victimized by hackers in the past. Such is the case with a hospital in California, where they had to pay hackers $17,000 just to gain access to their own records.
No group has yet to claim responsibility for the attack, but the widespread nature of this proves just how vulnerable computer systems can be, that not even hospital records are safe.