NHS cyber attack declared ransomware “smash and grab”
Hackers used ransomware via UK’s National Health Service’s email in NHS cyber attack.
Ransomware is used to lock computer systems, allowing hackers to extort money out of organisations.
Clyde & Co partner Michelle Crorie said: “There are two mains ways hackers routinely seek to hold a business to ransom. The first is by extracting data and threatening to release it unless a ransom is paid. This leaves businesses in a very tough situation as there are data protection consequences to allowing a release.”
A crucial element to the pervasiveness of this NHS cyber attack is the interconnectivity between the critical and non-critical data held at the NHS, and hospitals in general.
The NHS is still experiencing IT failure after what has been described by several national media outlets as a “large-scale” and “national” cyber attack.
According to latest reports, 16 NHS Trusts have been impacted and GP services are being advised to wall themselves off from the NHS to protect their data.
Cunningham Lindsey global technology specialist practice group leader Mark Hawksworth said: ““The latest ransomware incident affecting NHS Trusts demonstrate how something as simple as ransomware can have a large impact on the ability of an organisation to function no matter what its size.”
RMS Cyber Accumulation Management System senior product manager Tom Harvey said: ”But extortion attacks have been on the increase over the past year and have been targeted on healthcare providers like this, as RMS highlighted last week in its Cyber Risk Landscape 2017 report.”
He added: ”Attackers are increasing their ambitions for ransomware operations. They have discovered that healthcare providers have paid cyber ransoms in the past – in the U.S. and Germany, for example, where hospital data and IT systems were locked.”