case-study-uk_555

United Kingdom National Health Service

The WannaCry cyber-attack was a ransomware attack that affected hospitals across the United Kingdom and lasted from May 12th, 2017 to May 19th, 2017. It crippled computers in 16 hospitals in the UK area costing £92m, which is about $114,000,000. The hacker demanded 300 Bitcoin, which was about $60,000 at the time.

This cyber-attack caused over 19,000 appointments to be canceled, 200,000 computers to be locked out and multiples files to be encrypted, only displaying a message from the hacker.

Additionally, the attack left many hospitals unable to access basic medical records and one hospital was forced to cancel all non-urgent operations. The United Kingdom National Health Service (NHS), was accused of using outdated IT services, such as Windows XP, that allowed the attack to occur.

The hackers utilized a service called EternalBlue, which is a cyberattack exploit developed U.S National Security Agency (NSA). This exploit was leaked by a group known as The Shadow Brokers a month before these UK attacks – which prompted the WannaCry hackers to utilize this method. The code to this exploit is actually still available on the internet despite Microsoft’s efforts to provide a patch.

Since the attacks, the NHS claims to have improved their technology to prevent any further attacks. They focused on improving IT services in areas that are more vulnerable, by investing £60m in their major trauma centers and ambulance services. Furthermore, the U.K. government set a goal to improve overall technology infrastructure and dedicated £150m over the next three years. A year after the attack, reports claim that the results of such heavy investments are paying off and organizations are making “good progress” implementing data security standards.

The attack was later blamed on North Korean hackers. When the attack occurred, experts advised against paying the ransom and NHS England informed media that no ransom was paid.

Cybersecurity experts were able to stop the WannaCry ransomware from spreading and later admitted that there were patches that needed to be made in the systems. Their unpatched and unsupported operating systems made them more vulnerable and cost more money. After the expensive overhaul of the outdated systems NHS claims their technology is now up-to-date.