11.10.16

NHS increasingly being targeted by ransomware attacks


NHS hospitals are increasingly being targeted with ransomware attacks, according to an investigation by i.
The online newspaper found that in the past 12 months, at least 30 NHS trusts in England have been victim to this particular type of attack.
In four cases, the incident had to be reported as a “potential breach of data protection or confidentiality laws”, i explained.
According to Ollie Whitehouse, technical director of NCC Group – which helped gather the data – ransomware “has become the bottom line of cybercrime”.
“If [cybercriminals] break into a system and can’t find any other way to monetize what they find, they encrypt the data and demand a ransom,” he explained.
Cahal Milmo, chief reporter of the i –  and who reported on the story – said that one of the reasons there has been an increase in successful attacks is to do with dated technology.
He said: “Auditors and the NHS’s own cybersecurity experts have highlighted the continuing use of old software such as Windows XP in some parts of the health service as one vulnerability.”
NHS Digital, which stated that no ransom has been paid in any of “the ‘rare’ serious ransomware cases” it has been alerted to, is making concerted efforts to boost its cybersecurity prowess.
Rob Shaw, chief operating officer at NHS Digital’s Data Security Centre, revealed last month that the health tech body is looking to work more closely with the UK’s National Cyber Security Centre.
Ransomware attacks are an increasingly popular way for cybercriminals to extort money from companies and consumers, as ESET’s Lysa Myers recently highlighted.
“Ransomware can certainly be frightening, but there are many benign problems that can cause just as much destruction,” she noted in her article.
“That is why it has always been, and always will be, best practice to protect yourself against data loss with regular backups kept offline. That way, no matter what happens, you will be able to restart your digital life quickly.”