The ransomware attack that has taken hospital systems in England and Scotland offline has spread globally.
According to cybersecurity firm Kaspersky, it’s reached at least 74 countries, attacking all sorts of institutions.
The NHS was merely collateral damage. That doesn’t absolve the NHS trusts affected, though.
According to security sources, this attack probably wasn’t a nation state leveraging vast resources and spending months to break into a target, as we saw with the Sony hack, the infiltration of the Democratic National Committee in the US elections, or the attack that took a French TV station offline.
It was criminals looking for a Bitcoin buck.
But they supercharged the attack, using a technique originally discovered by the NSA, called Eternal Blue.
That exploit was leaked, by a group called Shadow Brokers, meaning hackers could take advantage of it.
Microsoft was quick to patch the vulnerability, offering the fix from 12 March. The company says those with up-to-date software are “protected” from the ransomware attack.
So why weren’t the affected NHS trusts up to date?
An NHS IT source told me: “They patched nothing generally.”
Staff working to keep systems up to date were “crushed” – by a lack of organisational understanding and money.
Last year we investigated cybersecurity in the NHS. We found that some trusts spent no money whatsoever on cybersecurity.
The white hat hackers we worked with found serious vulnerabilities at first glance.
Those failings have now been exposed. And it’s patients who are paying the price.