What accounts for the success of the WannaCrypt ransomware attack on Britain’s National Health Service?
By
Steve James
23 May 2017
Britain’s National Health Service (NHS) was among the most high-profile and serious victims of the recent global WannaCrypt ransomware attack.
The malware illegally encrypted files on Windows desktop PCs and servers, based on a Windows-vulnerability. The worm arrived by email and, once installed, scanned accessible machines and copied itself to its new targets while encrypting files on the original host. PC users globally were presented with the now infamous ransom demand for $300 and the threat that their files would be deleted.
Within the NHS, WannaCrypt caused and continues to cause chaos. Doctors and medical staff in hundreds of hospitals and general practices reported that access to saved files was impossible. Patient records were unavailable, scans and X-rays could not be transferred from scanners, appointments could not be confirmed or altered. Staff resorted to written notes and their own mobile phones.
In all 47 NHS trusts in England and Wales, and 13 NHS bodies in Scotland were disrupted. Ambulances were turned away and operations cancelled at St Bartholomew’s hospital in London. Appointments were also cancelled at Newham University Hospital and at Whipps Cross in the capital. Patients at Stoke and Stafford hospitals were told to avoid Accident and Emergency units unless absolutely necessary.
In Scotland, NHS Lanarkshire told patients to stay away from hospitals. Dumfries and Galloway shut down its services to general practices. Radiology for NHS Western Isles was affected. Three days after the May 12 attack, seven trusts were still reporting problems, while many doctor’s surgeries were still unable to access patient…