NHS could have Prevented WannaCry Ransomware Attack

The NAO (National Audit Office) reported that NHS trusts were left vulnerable in a major ransomware attack in May because cyber-security recommendations were not followed.

Spencer Young, RVP EMEA, at Imperva, said: “Ransomware is now one of the most profitable types of malware attacks. Cybercriminals have discovered how financially rewarding—and easy to use—it can be, especially against larger targets, such as NHS with business-critical data stored on file shares.

"In the decade since its initial appearance, the ransomware extortionate has evolved from a collection of ad-hoc tools implementing an unripe idea and run by callow hackers, to a smooth and highly efficient ecosystem run by professionals and filling the hacker’s most desired void: the path from infection to financial gain.

"The history of cyber events has taught us that security officers should assume that eventually the attackers will find their way in. Data breaches and ransomware attacks both have a common meeting point, which is the place where data resides.

"A critical line of defense for both types of attacks is the security controls where this data is stored—databases, files and cloud applications— and in the applications through which it is accessed. Such security controls, which include monitoring access, specifically around data modification and detection of suspicious anomalies in access patterns, will facilitate early detection of ransomware attacks and immediate isolation of the suspicious endpoint to prevent the encryption or hostage of the files.”