A rash of ransomware attacks has hit US hospitals in recent weeks, could NHS hospitals be next in the crosshairs?
With multiple US-based hospitals suffering disruption at the hands of ransomware infections, and the potential for this to impact upon patient care and wellbeing, we cannot but wonder if the NHS will be next? That criminals will target hospitals in pursuit of a profit, albeit in the case of ransomware often a relatively small one, is not in itself a shock to anyone. So are NHS hospitals at risk and why haven’t we seen disruption on the same scale as in the US healthcare system yet? Greg Leah, Principal Threat Researcher at Cloudmark, told SCMagazineUK.com that while there is currently very little visibility into UK healthcare targeting “Locky Ransomware appears to be indiscriminate and not specifically targeted at any person or organization.” As such NHS hospitals are just as much at risk as any organisation. In mitigation, as the attack reports would appear to confirm, Leah tells us that the Cloudmark Global Threat Network “observed 85% more emails targeted at organizations in the US than the UK” during one recent malware spam campaign. So relatively low targeting rates could be playing a part in the lack of NHS hospitals falling victim to ransomware. Luke Jennings, Head of R&D at Countercept by MWR InfoSecurity, adds that the fact some NHS systems are “centralised and bespoke may make it less likely that key files are affected by generic ransomware.”