Just two days before the most devastating malware attack in recent history, London-based Dr. Krishna Chinthapalli warned in a British Medical Journal article that Britain’s state-run National Health Service was vulnerable to cyber-security threats.
"Hospitals will almost certainly be shut down by ransomware this year," he wrote.
At the same time, North Korean hackers developed WannaCry ransomware using modified code from the National Security Agency to infect computers in more than 100 countries.
Within two days, WannaCry crippled the U.K.’s entire National Health Service (NHS). Emergency services were disrupted, ambulances were diverted to other hospitals, and doctors were forced to cancel appointments and operations.
After the attack, it was discovered that 90 per cent of NHS hospitals were using Windows XP, an Operating System (OS) no longer supported by Microsoft, which has long warned against using outdated software because of security issues.
Hospitals present an easy target for ransomware attacks because of their highly sensitive databases. In fact, dozens of hospitals in the U.S. have been attacked by ransomware this year alone, with ransom demands running into millions of dollars.
What proves difficult—and expensive—is updating operating systems. Ransomware can breach a company’s system through a single security weakness, then spread throughout unprotected computers and embed itself within the files. In the NHS case, hospitals and clinics were crippled not only through ransomware in their servers and databases, but on medical hardware and equipment, such as MRI machines.
In the weeks following the attack, reports surfaced that the NHS administrators had been urged not only by the government to update the systems, but by its digital team’s suggestion of a ransomware prevention remedy.
"We have learnt a lot in terms of dealing with a cyberattack,” said Nick Hulme, chief executive of the U.K.’s state-run hospitals in Ipsich and Colchester. “The biggest problem is every time we think we have something fixed the hackers and criminals develop something new. Trying to stay one step ahead is a never-ending challenge," he told NBC News.
“The ransomware is that good,” said FBI agent Joseph Bonavolonta.
Given the sophistication of the virus and the nature of encryption malware, many companies are left with few options to protect their data.
“To be honest, we often advise people just to pay the ransom,” Bonavolonta told the Security Register.
Marcus Hutchins, a British technology expert from Malware Tech Blog, discovered a kill switch in the ransomware code that allowed him to shut down the entire spread of the virus with the registration of a specific web domain, and the NHS was soon able to resume normal service.
Hutchins has a word of warning for those who think ransomware is gone now.
“This is not over,” Hutchins told The Guardian. “The attackers will realize how we stopped it, they’ll change the code and then they’ll start again.”
With thousands of new variations of the virus popping up around the world, ransomware and the hackers behind it are here to stay. But what is crucial is that companies recognize the importance of digital security and take appropriate steps to protect themselves.
Click the button below to sign up for your free BCBusiness trusted partner Ransomware Audit