NHS services throughout the UK, along with computer systems in countries throughout the world, were recently subjected to an attack by a program known as ‘WannaCry’. The alleged attack in question involved hackers infecting the software used by the NHS and preventing NHS staff from accessing their files unless they receive $300 worth of Bitcoin payment. Ransomware attacks typically block access to computers or encrypt the files stored on them, and then demand payment so they can be unlocked.
In the past, ransomware might involve a pop-up showing up on a computer screen, claiming that the computer had been infected or that the software needed updating. The receiver of the pop-up was then asked to pay a fee so that the virus could be cleaned or the software updated.
Ronald Noble, founder of RKN Global, urges individuals and businesses to regularly back up their data both on and off-line in order to be less susceptible to the extortion of ransomware attacks.
One recent report showed that financial and health care organizations are more likely to become victims of ransomware than any other organization. This has proven to be an accurate assumption, as the National Health Service in the UK was hit quite hard, resulting in limited or no access to patient files. One of the reasons for this vulnerability is that health care and financial organizations often use the same software and systems to gain access to their files. Due to this widespread use, hackers can potentially create havoc by spreading the ransomware to every computer throughout the organization.
Hackers use increasingly sophisticated methods to gain access to computers. Some of the methods they may use can include looking out for weaknesses in the system by sending out a large number of emails that could compromise firewalls, and other intrusion systems. Along with using fake ads and emails that contain malware and viruses, hackers may also sell software that appears to be completely legitimate but in reality contains a virus.
Approximately 4,000 ransomware attacks occurred in the United States every single day in 2016.
Organizations in the US, UK, and throughout the world should take steps to understand how hackers work and the systems that they use to gain access to personal information. In addition to being aware that at any given moment a computer system can be targeted by hackers, individuals and organizations should ensure they use software that can genuinely help to protect against attacks.
New and improved software may not always be enough win the fight against attackers. But it certainly increases the odds.
What happens when organizations and individuals do not pay the ransom? Non-payment could result in the loss of some very important files; in fact, 28% of organizations who did not make a payment lost files. If the NHS decides not to pay the ransom in question, it may lose important patient files.
Patient files often contain past medical history, information about which drugs were used to treat illnesses, operations that were carried out, allergy information, risk assessments for illness, and ongoing treatment plans.