The WannaCry NHS Attack
As we have mentioned in our previous blog post, one of the most well-known ransomware attacks of recent times has to be the WannaCry NHS Attack. This particular attack happened in 2017 and was not only focused on the NHS in the UK, but also took on more than 300,000 computers around the world were also affected. But what was this attack and what impact did it have?
What was the WannaCry attack?
A form of ransomware, WannaCry was delivered via emails which were designed to trick recipients into opening an attachment. This attachment contained the malware, which would then be released to the system of the people opening the attachment.
Once the ransomware takes effect in the computer, the files that are contained within it are all locked up and then encrypted. You will not be able to open or access the files as you normally would.
You will be told that you cannot open the files until you pay a “ransom”, hence the name, in bitcoin. However, it is thought that just because you pay the ransom, you may not be able to access those files. In fact, you may end up being asked for more and more money and in the end you may find that the files have been deleted completely.
How did it impact the NHS?
Whilst companies around the world were affected by the WannaCry attack, in the UK the worst hit had to be the NHS. Both hospitals and GP Surgeries throughout England and Scotland were affected. This meant that they couldn’t access their files or their systems as a whole. Not even simple systems such as their telephones were working.
Patients saw that they would be turned away. Not only from routine appointments at the GP, but for long term appointments, such as for operations too. So much was the impact, that in some areas in the UK, people were being told that they should only seek medical care in extreme emergencies.
For those patients who did turn up, they were met with pen and paper as well as personal mobiles being used during their appointments and consultations.
The WannaCry attack scrambled private medical data and also data used on the hospital and GP’s systems. If they were trying to be accessed, then they were met with messages that demanded between $300 and $600 in order to access the files and data that they needed.
What has happened since?
It is thought that the WannaCry attack was possible due to a weakness within the Microsoft system. This meant that after the attack, Microsoft knew that they needed to make changes. They released a patch which provided additional detection and protection, even against the clever software that was being used by the hackers.
Despite learning lessons from this particular attack and taking measures to protect ourselves. Who knows what could be around the corner? It is important, no matter the size of your business, that you are aware of these attacks and that you make sure that your business and the data that you have is protected.