On May 12, 2017, a wave of cyberattacks worldwide affected many computers, particularly those used by hospitals in the United Kingdom.
The culprit was quickly discovered—a virus, WannaCry, which was spreading like wildfire. It didn’t delete data from computers, but rather encrypted it and then demanded a ransom to unlock the computer. This is what we now know of as ransomware.
So what happened? And what were the consequences?
WannaCry
WannaCry didn’t just appear out of nowhere. Hackers exploited a Windows security flaw, originally discovered by the US National Security Agency (NSA)… which was hacked, and the NSA’s intel on the flaw was stolen! So one hack led to another. What a time to be alive! 😛
Can anyone guess how this hack could have been avoided? If you said “a security update,” you’ve hit the nail on the head! Many businesses were using unpatched Windows computers. These computers were hit by the WannaCry ransomware, which spread like wildfire through its file system. Once installed, it would encrypt all the computer’s data and demand a ransom, to be paid in Bitcoin, allowing the hackers to collect the payments without any sort of digital trace.
Impact on Hospitals
The virus affected many companies and organizations, but what mainly made headlines was its serious impact on hospitals, particularly in the United Kingdom.
Hospitals often only have older computers at their disposal, and Windows XP is an obsolete operating system that no longer is supported by Microsoft (and thus is not regularly updated anymore). But these computers are still used to store patients’ medical records—without them, it would be chaos, and hospitals couldn’t function!
When the virus hit, doctors had to go back to using paper forms as an emergency measure.
It would almost be laughable if patients’ lives weren't at stake. A disorganized hospital takes longer to process patients’ medical records, and this could result in critical or even deadly errors in patient care.
Some hospitals were tempted to pay the ransom in a desperate attempt to recover the data. However, with ransomware attacks, there’s no guarantee that this will even work, not to mention that it encourages hackers to continue. In fact, the FBI recommends not paying ransoms.
Let’s Recap!
Older computers running obsolete operating systems like Windows XP are still sometimes used for critical applications. Hardware and software need to be regularly updated.
One security incident (NSA data breach) can lead to another (WannaCry).
A cybersecurity incident can have very severe consequences, such as preventing hospitals from being able to effectively treat patients.
