NHS 'could have prevented' WannaCry ransomware attack

NHS trusts were left vulnerable to a major ransomware attack in May because recommendations on cybersecurity were not followed, a government report has said.
According to the National Audit Office (NAO), more than a third of trusts in England were disrupted by the WannaCry ransomware.
As a result of the attack, at least 6,900 NHS appointments were canceled.
NHS England said that the patient data was not compromised or stolen, and praised the staff response.
The head of the NAO said that the Department of Health and the NHS should now "unite their actions."
WannaCry, which spread to more than 150 countries in a worldwide ransomware outbreak beginning on May 12, was the biggest cyber attack to have hit the NHS to date.
The malware encrypted data on infected computers and demanded a ransom approximately equivalent to 230 pounds sterling (300 US dollars).
The NAO report states that there is no evidence that any NHS organization paid the ransom - but the financial costs of the incident were not known.
An assessment of 88 out of 236 trusts by NHS Digital before the attack found that none of them had passed the required cybersecurity standards.
 


 

The report states that NHS trusts had not acted on critical warnings from NHS Digital, or on a warning from the Department of Health and the Cabinet Office in 2014 to patch or migrate away from vulnerable older software.
The report says that the Department of Health also lacked important information.
"Until May 12, 2017, the department had no formal mechanism to assess whether the NHS had implemented its recommendations and recommendations."
Organizations could also have managed their computers' firewalls better, but in many cases they did not, it said.
The NHS did not report any cases of harm to patients or of their data being stolen as a result of WannaCry.
NHS England has identified 6,912 appointments - including operations - that were canceled as a direct result of the ransomware.
But, according to its estimates, about 19,000 appointments in total were affected. These included at least 139 people potentially having cancer whose urgent referrals were canceled.
It is not known:
how many GP appointments were canceled
how many ambulances and patients were diverted from the five accident and emergency departments that were unable to treat some patients
how many trusts or general practitioners experienced delays in receiving information, such as test results
The NAO credits the well-known work of cybersecurity researcher Marcus Hutchins, who accidentally helped stop the spread of WannaCry.
His "kill switch" involved registering a domain name associated with the malware, which deactivated the program's ability to spread automatically.
Home Office minister Ben Wallace told BBC Radio 4's Today programme that the government is "as confident as possible" that North Korea was behind the attack.
"This attack, we believe quite strongly, that it came from a foreign state," he said.
"It is widely believed in the community and in many countries that North Korea [assumed] this role."
Speaking on the same programme, former NHS Digital chairman Kingsley Manning said that the inability to update old computer systems at the local level in the NHS contributed to the rapid spread of the malware.
He said: "The problem with cybersecurity for the NHS is that it has a particular vulnerability ... It is very interrelated, so if you get an attack in one place, it tends to spread."
Mr. Manning blamed a lack of time and resources, as well as an "outright lack of focus, lack of serious attitude towards them", for individual NHS organizations failing to keep pace with improvements in the field of cyber security.
"It was an extremely simple attack," he added.
The NAO stated that the NHS "agreed that there are lessons to learn" from WannaCry and will now develop a response plan.
It will also ensure that critical updates for cyber security, such as the application of software patches, are performed by IT staff, the NAO said.
WannaCry was a "relatively simple-minded attack and could be prevented by the NHS in accordance with the best practices in IT security," said Sir Amyas Morse, Comptroller and Auditor General of the NAO.
"There are more complex cyber threats than WannaCry, so the Department and the NHS need to join their efforts to ensure that the NHS is better protected from future attacks."
Keith McNeil, NHS Clinical Information Specialist for Health and Care, said: "As clear from the NAO report, no harm was done to patients, and there were no cases where patient data was compromised or stolen.
"Trial and tested emergency plans were quickly activated, and our hardworking NHS staff spent an extra mile to provide patient care while maintaining the impact on NHS services and patients to a minimum."
Analysis - Rory Cellan-Jones, Technology Correspondent
For many managers, a serious cyber attack is now very high on the list of risks for their organizations and is a priority for disaster planning.
So what is most shocking in this report is the lack of planning at the local level in the NHS for such an event.
To be fair, it should be noted that the Department of Health had developed a plan - it had simply not been properly communicated or tested in NHS trusts. When the catastrophe came, no one seemed to know who was responsible or what to do.
Of course, all this could have been avoided if security patches had been applied to protect the Windows 7 systems in use throughout the NHS. Once again there were warnings sent by NHS Digital, but many trusts did not act on them, although in this they were no different from many organizations around the world that also suffered.
In one respect, the NHS was lucky - if the attack had occurred on a Monday in winter instead of a Friday in May, with appointments scheduled for weeks, the damage would have been much worse.
Cybersecurity experts will tell you that dealing with such attacks is usually a management issue rather than a technology problem. And in this case the NHS was unable to manage a quick and effective response to its first major cybersecurity crisis.