WEB AND MOBILE FRAUD
WannaCry is a wake up call for all businesses
The WannaCry cyber-attack which disabled many NHS Trusts in May, is a wake-up call for all businesses.
This is the view of many business continuity (BC) experts voicing concerns that there may still be complacency around cyber defences because of the perceived weakness in public sector IT security protocols.
Although there was no evidence to suggest that patient data was accessed, NHS Digital remains on high alert and is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected.
The focus is on supporting organisations to manage this incident both swiftly and decisively.
Ransomware attacks such as this are becoming more and more commonplace with public sector organisations arguably receiving an unfair proportion of them due to a perceived – or perhaps even an actual – weakness in their cyber defences. With healthcare providers across the country having to cancel services, it’s clear that this current episode has been an alarming situation for the NHS, the experts argue.
“It doesn’t matter where the threat comes from,” said David Thorp, executive director of the Business Continuity Institute (BCI).
“Organisations must have plans in place to deal with the consequences of such disruptive events. By putting plans in place to deal with such events, it means that organisations are better prepared to manage through them, lessen the potential impact and still provide an appropriate level of service for their customers.”
Following the news that the NHS had been hit by this large-scale cyber-attack, Joe Hancock, cyber security expert at law firm Mishcon de Reya, said: “This episode seems to be a criminally-motivated ransomware attack. The attack seems to have spread between interconnected systems, affecting multiple NHS Trusts and providers and impacting their operations. While there’s currently little evidence of ransoms having been paid, it’s possible that some smaller organisations will do so, although they may then deny it.”
Hancock continued: “High-profile cyber-attacks are often closely linked to geopolitics. This is likely to become a national issue over the coming weeks, and especially so for a sector that’s key to our Critical National Infrastructure. There have been recent examples of attacks affecting healthcare globally, such as huge leaks of US medical records, for example. It was almost inevitable that this type of activity would cross the Atlantic at some point. That said, it’s surprising to see it happen at this scale.”