It has been revealed that the largest NHS hospital trust in England has been infected with a virus affecting thousands of sensitive files. Barts Health Trust stated it was experiencing a ransomware virus attack and is making every effort to avoid disruption to patients treated at its four hospitals in east London: The Royal London, St. Bartholomew’s, Whipps Cross and Newham. The hack has affected thousands of files on the trust’s Windows XP operating system.
Richard Henderson, global security strategist at Absolute, made the following comments:
“Ransomware in IT healthcare environments continues to be an unholy menace to the day-to-day operations of hospitals. In the case of this latest attack on NHS, which is certainly not unique to them, it appears the majority of systems being hit are legacy Windows XP machines. In most healthcare environments, this is due to a number of factors: legacy tools, software and equipment that just won’t run on newer operating systems; lack of support from vendors (or vendors who may not even exist anymore); staggering costs that can’t be budgeted for to replace systems – all of these factors can make for very fat, juicy targets for cyber criminals.
“Protecting against these attacks should focus on two major prongs: the people using them, and the systems themselves. On the systems side, where machines can’t be moved up to (at the very least) Windows 7, organisations should start discussing moving legacy systems to tightly protected virtualised systems with an abundance of security controls built in to not necessarily stop an infection, but to stop it from moving to other systems. On the people side, as most ransomware continues to enter environments through email (attachments and links), a concerted effort by security staff to build better awareness of what ransomware is and how to spot suspicious emails is critical for success.
“Sadly, the ransomware threat isn’t going anywhere, especially in healthcare. It’s far too lucrative for attackers to give up on it, and with the staggering amount of legacy systems out there inside these networks, the targets are just too rich for them to ignore.”