nhs cyberattack ransomware

NHS Cyberattack: Ransomware Hits NHS Hospitals across the UK

3 Mins Read

PUREVPNPrivacy & SecurityNHS Cyberattack: Ransomware Hits NHS Hospitals across the UK

If you are not aware about last Friday’s cyberattack that hit major networks and carriers around the globe, you must be living in a cave or something.

WanaCry, aka WannaCrypto, has proved itself to be one of the deadliest ransomware attacks responsible for taking out thousands of computers in the UK alone. If we add up the number of globally affected computers, the figure would go through the roof.

The ransomware exploited the security loophole present in thousands of servers running a Microsoft-developed OS. The vulnerability had been patched by Microsoft with the 17-010 patch but the servers that did not have that patch installed fell victim to the attack. The malware used a backdoor, DoublePulsar, which was originally created by a US spy agency.

The ransomware encrypts all the files on a computer and shows a screen that asks the victims to pay around $300 via Bitcoins to regain access to their data.

According to The Telegraph, around £33,000 in total ransoms have been disbursed to the attackers as of May 15, 2017.

The NHS Cyber Attack Incident

It is not just the business sector alone that has experienced a significant loss. The healthcare sector all over the world have also been victimized by the ransomware, including the National Health Services (NHS).

The NHS organizations and trusts across the globe have also fallen victim to WanaCry.

In fact, some hospitals had to cancel appointments and even surgeries due to the disruption that the ransomware caused.

Many NHS trusts issued notices informing patients about the status of the healthcare services amidst the cyberattack. For instance:

The Yorkshire Teaching Hospital NHS Trust issued a notice on its website on Friday, May 13, informing patients on the lack of computer’s availability due to the cyberattack, and on how they are working on to fix the issue. The trust updated its page on Monday 15, listing canceled appointments and planned operations.

Likewise, Southport and Ormskirk Hospital NHS Trust also issued a statement on Sunday, May 14, notifying patients about the incident and how it affected the trust’s clinical information system. On Monday, the trust updated its page asking patients scheduled for surgery to not to come unless otherwise informed. The trust also cancelled scheduled appointments and in fact MRI and CT scans.

The List of Affected NHS Hospitals & Trusts

Almost 48 out of 248 NHS organizations have been hit by the ransomware in the UK, which were later reduced to only 6 within 24hours of the attack. Here is a list of some of the hospitals and trusts that were hit on May 12, 2017.

Northumbria Healthcare

North Cumbria Hospitals

Morecambe Bay Hospitals

Blackpool Hospitals

Southport Hospital

East Lancashire Trust

Barts Hospital

East and North Hertfordshire

Derbyshire Community Health

University Hospitals North Midlands

North Essex Partnership University

London North West Healthcare Trust

York Hospitals

East Cheshire Trust

Aintree University Hospitals

The Royal Liverpool and Broadgreen Hospitals Trust

Liverpool Community Trust

Watford General

Broomfield Hospital, Essex

Lister, Stevenage

Northwick Park, North West London

Lincoln

St Bartholomew and Royal London

Colchester General Hospital

Norfolk and Norwich

James Paget, Norfolk

Queens Hospital, Burton

UHNM, Royal Stoke

Trafford

NHS Cyberattacks: Why Hospitals Are the Prime Target?

It isn’t the first time that a cyberattack has been aimed at the healthcare sector, and compromised important patient data. In fact, a month prior to the WannaCry ransomware attack, a group of cybercriminals attacked a Los Angeles based medical center, Hollywood Presbyterian, with a ransomware called Locky.

As a result of the cyberattack, the medical center had to pay around $17,000 in Bitcoins. After the ransomware attack, the medical center also had to keep their computers offline which resulted in a cessation of many healthcare services including planned surgeries as well as appointments and scans, for more than a week.

There are many reasons why the healthcare centers prove easy targets for such cyberattacks. For starters, hospitals, trusts or any other healthcare center for that matter, lack important cybersecurity awareness. The personnel working in the hospitals are educated more on complying with the HIPAA compliance than cybersecurity practices.

Another possible reason behind the NHS ransomware cyberattack could be the sensitivity of the information stored in healthcare center systems. These systems have the patients’ complete health history, prescriptions details and any treatment-related information that can be deemed as lifesaving info. For the well-being of the patients and to prevent any lawsuit, hospitals have no other option but to surrender to the exorbitant extortion demands of a cyberattacker.

How to Protect Yourself from Ransomware Attacks

Ransomwares are usually targeted attacks that are aimed at companies or networks that can shell out high ransoms. The ideal way to prevent ransomware attacks is by keeping the systems up-to-date with the latest security patches or updates.

Apart from security updates, users can also install a firewall to block malwares and other malicious tools from breaking into a user’s machine.

Users are also advised to take regular backups of their important data, let’s say on a Cloud service, so that they can keep their data safe, in the event of such incidents.

author

PureVPN

date

November 24, 2022

time

2 years ago

PureVPN is a leading VPN service provider that excels in providing easy solutions for online privacy and security. With 6000+ servers in 65+ countries, It helps consumers and businesses in keeping their online identity secured.

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.