Cyber experts issue protection advice following NHS ransomware attack

Following the ransomware cyber attack on Friday May 12 which affected the NHS and is believed to have spread through organisations in at least 74 countries worldwide, the National Fraud Intelligence Bureau has urged both individuals and businesses to follow protection advice immediately and in the coming days.

The ‘Wannacry’ ransomware has spread unchecked through unprotected systems, including many NHS networks in the UK running the outdated Windows XP operating system, which has been unsupported since 2014.

The Crown Commercial Service paid Microsoft £5.5m for one year’s extra support to give government departments 12 months to upgrade their systems, but the additional cost of upgrading the proprietary software meant that many computers were left running the vulnerable XP system.

Following the spread of the virus globally, Microsoft has since issued an “highly unusual” emergency update.

However, it has been reported that new strains of the virus, possibly created after the discovery of the ‘kill switch’ for the existing Wannacry and Microsoft’s update, could start to spread in a similar pattern.

It is with this in mind that the National Crime Agency (NCA), which is working closely with a range of partners both in the UK and overseas, has issued the following advice:

Key Protect messages for businesses to protect themselves from ransomware:

- Install system and application updates on all devices as soon as they become available.

- Install anti-virus software on all devices and keep it updated.

- Create regular backups of your important files to a device that isn’t left connected to your network as any malware infection could spread to that too.

Additionally, for individual users:

- Only install apps from official app stores, such as Google’s Play Store, or Apple’s App Store as they offer better levels of protection than some third party stores. Jailbreaking, rooting, or disabling any of the default security features of your device will make it more susceptible to malware infections.

The National Cyber Security Centre’s latest technical guidance includes specific software patches to use that will prevent uninfected computers on your network from becoming infected with the “WannaCry” ransomware: https://www.ncsc.gov.uk/guidance/ransomware-latest-ncsc-guidance

Additional in-depth technical guidance on how to protect your organisation from ransomware is also available from the NCSC at https://www.ncsc.gov.uk/guidance/protecting-your-organisation-ransomware and on the Microsoft website: http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Ransom:Win32/WannaCrypt.