A recent alert from an Internet security organisation:
“For a few hours, bad news is spreading quickly about a massive wave of infections by a new ransomware called “WannaCry”.
We are still trying to collect more information about it.
It seems that 45K attacks were detected from 74 differents countries:
Big targets have been telecom operators (e.g. Telefonica in Spain) and hospitals in UK.
Once the malware has infected a computer, it spreads across the network looking for new victims using the SMB protocol.”
How long ago since you read my last article for pharmacists on the danger of Ransomware?
I can’t recall. It’s been quite a while.
The ‘immunisation’ against Ransomware is simple & effective:
Backups, Done ‘properly’
My local pharmacist is aware of this issue and seems to understand the risks and mitigations.
But he told me that he’d heard a bunch of other pharmacies had been attacked, and succumbed, to this form of attack.
‘Medical’ targets are perfect for Ransomware:
* they are always ‘too busy’ to do important maintenance
* I.T. is not regarded as a core asset or competency, not well funded, not well respected. (“we do MEDICINE not I.T.” – must’ve been said).
* always have tight budgets, but they can find large amounts when they have to.
and the real kicker:
* they can’t run their business “full bore” without their I.T.
This “can’t live without it” asset is essential for criminals in any successful blackmail / ransom attack, cyber or not.
I can confidently predict three things, based on the Y2K debacle:
* we’ll be inundated with ‘instant experts’ and ‘deep and abiding concern’ on the part of management.
* truckloads of cash will be poured into this black hole and everyone in charge will be very self-congratulatory.
* within a year or two, it’ll all be forgotten. Back to “BAU” (Business as Usual) and ripe for the next round.
The analogy with infectious diseases isn’t idle.
Every successful defence against large attacks will create a new, hardier ‘strain’ of exploit / attack – and old ‘viruses’ in the wild only die out as their hosts die.
We still have malware from 2001 ‘in the wild’ and circulating.
There will be more attacks, they will be virulent and they will mutate and exploit wholly new and novel ‘vectors’ and mechanisms.
Editor’s Note: There were over 40 NHS trusts (including their pharmacies) among the “hits” in the UK.