NHS Hack – Protect Against Ransomware

Surpirse? Another High Profile Cyber Attack In The News

It must be about a year or so ago, I attended an appointment at the doctor and I couldn’t quite believe that the system being used to enter my details was running Windows XP. It was one of those old fashioned Dell desktops which couldn’t have run Windows 7 even if they wanted to upgrade it. The scale of the problem that the NHS face must be huge. These old computers cannot be upgraded. They need to be binned and replaced.

When the news of the Ransomware “attack” broke on Friday night, when reading the initial reports, there was suggestion that this was a targeted attack that was planned. I didn’t see it that way. I don’t believe anyone specifically planned to attack the NHS systems. The systems are out of date. They are sitting ducks. Windows XP simply cannot defend itself against these type of trojan worms.

Here’s the bit I don’t get, the systems within the NHS that are / have been upgraded have been stepped up to Windows 7 (at a huge cost). Windows 7 is a legacy system! It becomes obsolete in January 2020. That’s less than 3 years away.

What has just happened is the biggest example of just how high risk it is to have any computer connected to the internet running out of date systems. In the shop we do not take in XP or Vista machines for repair. I often feel that when advising on the risks of running these old systems, some people may think that I am scare-mongering in order to try and sell a new computer! The risks are real. The threats are out there.

As unfortunate as it is, this is the type of thing that has to happen as a shake up. I’m sure that for many years, the IT support companies that are contracted to the NHS Trusts have been warning of these risks but with limitations on budgets, haven’t been able to properly protect the system.

Some Advice To Protect Yourself From Ransomware

  • Do not open attachments from emails unless you absolutely trust the sender.
  • Allow Windows Updates to install. These contain patches to protect against the latest threats.
  • Backup files that you wouldn’t like to lose. If your computer gets hit with Ransomware and you have your stuff backed up – it doesn’t matter. Your computer can be reset and your files copied back over.
  • Keep your internet security up to date.

IMPORTANT: If you use an external drive for backup – DO NOT leave it permanently connected to your computer. Backup your files, then disconnect your drive from the USB port. Ransomware can encrypt everything connected to your system including USB sticks, external drives, etc.

We deal with Ransomware infections in the repair shop regularly. When a computer comes in with suspected Ransomware, we carry out a strict quarantine procedure on the machine and even close down our internet router to prevent it hitting our LAN.

If you are reading this post on a Windows XP or Vista computer, Malwarebytes has a Beta program in development which will add extra protection to the missing patch updates that you cannot get on your outdated system. Link to download.

Stay safe online and backup your stuff. Ransomware is a nasty piece of work but if you have your files backed up – you don’t have to worry.