Posted on June 6, 2017 at 7:58 AM
The UK health service NHS was one of the companies that have taken the biggest hit from the ransomware called WannaCry that has managed to cripple half the world. NHS’s systems were severely damaged, and they weren’t known to begin with, which makes them really bad at this point.
And now, the risk of another attack is getting bigger every day, which is mostly because of all the Government cuts to the IT budgets. The situation is so bad that it even has health chiefs worried. It’s not surprising, considering how bad the things got during the WannaCry attack.
It’s only been a few weeks since operations were canceled, and ambulances diverted. Ransomware worked quickly, and soon enough, the majority of hospitals have had their medical records sealed, and were unable to access them.
Even a director at an NHS trust got infected by this virus and has now warned that the pressure on the IT budgets can only increase the risk from a new successful attack.
A new report that came from Alan Brown, an informatics director for London North West Healthcare Trust says that the situation is even worse than previously thought. Brown claims that the effects of the ransomware attack were worse than reported.
Brown also stated that these budget cuts, as well as a focus on new tech, has taken its toll and that all of the expenses were paid from the budget meant for the preventative IT maintenance. Basically, ICT is being pressured to support and deploy any new tech that comes out, and all of it goes at the expense of preventative maintenance.
Also, it doesn’t help that the ICT is getting requests to increase their cost savings. All of this combined only leads to increased risks when it comes to new attacks, and also decreases the speed and even a chance that the systems might recover from it.
More than 47 NHS trusts were infected during the WannaCry attack, and London North West was one of them. Luckily, it managed to isolate the spread of the ransomware to less than 10 computers, which means that it wasn’t hit as badly as some other trusts.
Still, all of their IT systems had to go down, and over 300 radiology appointments were canceled. This had an obvious impact on all of the neighboring trusts that also depended on their IT systems. Even worse, the systems weren’t completely restored for entire five days after the attack has ended.
This report also mentioned the possibility that more trusts were infected than it was previously thought. This was even confirmed by a series of meetings between IT leaders that occurred in the week after the attack. Not a single trust was reported to be completely unaffected.
It was also pretty obvious that the infection came from the computers that didn’t download the latest Windows updates that Microsoft released back in March. These patches were specially designed and would have blocked the vulnerability that WannaCry exploited.
The earlier produced report for the trust states that the lack of regular updates is the reason why such infections are spreading. Mr. Brown’s comment was that the conflicting priorities are to be blamed. Also, the IT teams are constantly being drawn to new projects, and the funding isn’t getting any bigger.