Hack Attack hits UK


Hackers have locked up the data in thousands of computers including in General Practice and hospitals across the UK and round the world.

Could your data be at risk?

In this attack, hackers used software known as Ransomware to encrypt data.  Users were faced with a message demanding USD 300 in bitcoins in order to retrieve their data.  This has made it very difficult for some organisations to work and there may be no choice but to pay the price in some cases as there is no practicable way to decrypt the files without the key.

Ransomware has been a nuisance for a long time but to date has largely affected users who opened suspicious email attachments.  The software scrambles user data on the infected machine and also any network drives to which it is attached, often including large corporate servers.  Prices of tens of thousands of dollars have been paid to get data back in the past.  What is different this time is that a known exploit was used to attack Windows machines which had not been upgraded, mostly those running Windows XP, although the issue can still affect newer versions of windows that have not had security updates applied recently.

The British National Health Service is particularly vulnerable to this kind of attack as the central funding model means that IT upgrades are a very low priority.  Many hospitals and GP surgeries in England were running Windows XP which should have been replaced at least 3 years ago.  With our more flexible user-pays model, we were able to budget for the change and upgraded our IT systems long before the support for XP ended.  In this case, 'free at the point of use' has turned out to be exrtremely expensive. A big thank you is also owed to the IT department at Pegasus Health who keep a check of which operating systems member GPs are using and make sure that they are kept up to date and secure.

With almost all healthcare data now existing only in digital form it is really important that healthcare providers are aware of these risks and take appropriate steps to manage them and of course for all of us to try to avoid becoming victims of malicious attacks.  Here is how IT experts advise you should protect yourself:

1.  Think hard before you open email attachments.

Email attachments often cary viruses, even if they appear to come from people you know. 

Most of the time, antivirus software will pick these up but it is still unwise to send or open files by email.

If you do have to open an attachment, watch out for 'double dot' endings:  "infectedfile.docx.exe" looks like a document but is actually an 'executable' file which can do anything to your computer - it's the last three letters that give it away as your computer will not 'see' the docx bit at all.  It will treat the file as a program and once it is running, will do as the program instructs. 

Files that do not open easily should also be discarded.  You can always request another copy.

It is also worth taking great care when you click on links in emails.  They often point to unsafe websites and some of these will persuade you to download dangerous software.

2.  Keep Backups of Important Files

Backups are essential in the fight against ransomware as with a recent backup, getting pinged with the software is only an inconvenience.  Good backups also protect against hardware failure - it can cost over $1000 to have vital data recovered from a damaged hard drive and results are patchy so back up your files, and do it often.

The best form of backup is to copy all important files onto an external hard disk, DVD or flash drive from time to time.  You should do this at least once per year even if you don't do much on the computer, and keep the backup in a safe place, where it is easy to find and unlikely to be lost or stolen.  If you use a writeable media (like a hard disk) you should have at least two and alternate using them so that if one is damaged (or infected) you have a good chance the other will not be.
Cloud storage services like Dropbox are a very good option as they offer much greater security and are very easy to use.  It is still important to keep occasional local backups on removable media, but if you use a cloud service you are reasonably safe.  Just make sure that you use one that does not allow permanent file deletion so can be restored if needed.
At Sumner Health Centre, we back all important data up every day.  This is to a secure server off site, which is in turn backed up every day elsewhere.

3.  Use Webmail

Amongst the many advantages of webmail over local mail clients is that they are almost immune to ransomware - your email will still work even if everything else is locked down. 
If you do use a local email client, consider using your dropbox or onedrive folder for the message store.  Email stores are quite difficult to backup (though Windows Backup does a decent job)

We use a webmail system that also blocks attachments.  This makes it harder for staff to open potentially malicious files.

4.  Don't Mount Network Drives

If you use a shared file folder on a media server or a network storage device, it is vulnerable to ransomware if it has been mounted as a network drive on an infected machine.  'Mounting' a drive means your local computer will treat the drive in the same way it treats its own hard drives.  No logon required and of course, no barrier to encryption.  Unfortunately, it only takes one infected computer to encrypt the drive so make sure all users at home log in to access network files every time.
At SHC we do have to use mounted drives as our medical software requires this.  We strongly recommend that you do not do this at home.

5.  Keep your Disks!

If you were given disks with your computer, keep them safe.  If you do get hit with ransomware you may need them to restore your computer to factory settings.  Most computers do not need disks now, but don't lose them if yours does.
We have to keep all our disks, partly as evidence that we hold a licence for all the software we use.

6.  Use Antivirus Software - it's free for home use in most cases.

Antivirus software will protect you against most attacks.  You can obtain very good protection for free and top-grade protection is inexpensive.  Consider purchasing bulk licences for multiple computers at home as this is a cheaper option.
It is always worth searching to find the best option for your needs each year as there is a lot of competition in this market and prices can vary widely for very similar quality products.
Our antivirus system is not commonly used in the home setting as it is more finely tuned to the needs of the corporate environment, but is provided by one of the biggest names in antivirus protection worldwide.

7.  Enable Automatic Updates

Windows and Mac systems have the ability to update themselves automatically.  Although this can be a nuisance in the corporate environment it is a really bad idea to turn this service off at home.  Windows always ships with this feature turned on, so if you have not turned it off, you'll be covered.
For your protection, we leave automatic updates switched on and on the very rare occasion that there is a clash with our software we just roll back the changes.

8.  Don't tell anyone how you protect yourself!

You may notice that we have not given any specific details about who provides our services and how they work.  This is both to avoid partiality and also to avoid giving away information that might be useful to a hacker.  Even though we make ourselves as tough a nut as possible to crack, it is not possible to guarantee that connected systems will never be compromised.  Keeping details of how you protect yourself out of the public domain is only common sense.


Credits:  Hard Disk Drive Window: Carl Revell

glqxz9283 sfy39587stf02 mnesdcuix8