A large scale cyber attack of hospitals across England has staff and patients reeling. The fallout has serious impacts on individuals’ healthcare, as everything from patient records and prescriptions to surgery schedules are inaccessible. Without these records peoples’ lives are in serious danger. This attack has apparently spread to 74 countries (at last count) today, and has targeted other industries besides healthcare.
The attack has been described as a classic ransomware attack whereby malicious software somehow made it into the hospitals network, shutting down access to all this information unless the company pays to have this access reinstated. Ransomware is a persistent threat to any company, and it’s an attack that companies can take steps to prevent.
Ransomware relies on its malicious code to be installed inside the victim’s network. It can weasel its way in through everything from email phishing schemes to web application vulnerabilities to inside jobs. Every company must have a security plan for all systems and personnel inside the company. A few tips:
- Make sure users are trained to look for attacks.
- Restrict access for installation of any software to only those people essential to the installation.
- Have your web applications tested for vulnerabilities that would allow an outside user to upload malicious files.
- Audit your personnel and their access to systems.
- And most importantly, have a backup of your data and a plan to quickly revert to a backup.
Ransomware is an ever-present threat, but it’s one of many attacks that could completely destroy any company out there. Everyone needs to make sure their organization has a robust security plan and program in place, and make that a top priority.