Five things US healthcare providers can learn from the NHS ransomware attack

The recent ransomware attack spanning 150 countries and infecting over 200,000 including NHS hospitals and trusts across England and Wales were unprecedented in scale. The attack affected NHS’ operations particularly hard as the ransomware froze computers across the health service.

As a result, media reports indicated NHS providers were forced to cancel routine procedures and divert emergency cases in the wake of the attack.  

Functionally, the NHS attack relied on a piece of malicious software called “WanaCrypt0r 2.0” or WannaCry, which exploited a vulnerability in the Windows Operating System which unfortunately had been previously addressed by a patch Microsoft released in March.

However, the computers that had not installed the security update were vulnerable to a breach.

In the end, the damage could have been much worse, as an independent security expert was able to locate a “kill switch” in the ransomware’s code, enabling the NHS to unfreeze their systems. Such an anti-climactic resolution might not occur next time.

Further, given that ransomware attacks appear to be somewhat geographically indiscriminate in the healthcare locations they target, attacks on healthcare targets in the US could be launched again.

With a history of recent smaller scale attacks over the past few years in the US, it is likely, ransomware attackers will continue to press for vulnerabilities in US healthcare systems. Accordingly, US healthcare providers should be aware of tips to keep their systems safe from ransomware attacks.

1.Exercise good email and file sharing security

Using the ransomware attacks that targeted US healthcare providers recently and the recent NHS attacks as a lesson in security planning, one can safely state that internal security protocols are one of the most important steps in preventing this type of attack.

Although the NHS attacks did not result from staff unwittingly unleashing malicious code on the system by opening an email or file attachment the, recent attacks in the US did result from this type of mistake. Therefore, it is important to use email programs contains virus scanning software and ensures staff is aware of the risks involved with opening and downloading third party files that could contain malicious code.

2. Use training to reinforce good security practices

One way to mitigate a significant amount of risk from email attachments and downloads involves training staff on the risks inherent in downloading and opening unverified third-party files.

3. Keep track of vital software updates

The NHS attackers were allowed access as a result of a failure to update a patch in the Windows operating system.  As such, it imperative to make certain all operating systems, browsers and other software are the most recent versions and all security features on these programs are activated.  

4. Establish a strong security barrier

Although it’s an often-repeated message, having an effective security scanning system is vital to prevent virus or malware infections on a computer system. Some of the more advanced security scanning and removal are able to remove the malicious code, such as found in ransomware, from documents, attachments, and email.

5. Be methodical when establishing and reviewing security practices

Having a strong security program should be approached in a strategic manner that focuses on having clear and measurable security goals and how to achieve them. A methodical approach would involve appointing a security team to review security policy, and either in-house or outsourced security professionals audit security measures and policies to make sure they are rigorous.

Of course there is not a 100% foolproof way of avoiding security breaches from hackers, however, the risk presented from ransomware can be mitigated substantially when the steps taken above are followed.