NHS Lanarkshire suffered a second ransomware attack over the weekend, resulting in canceled operations and uncared for patients.
This is the second ransomware attack this year the organization has been hit with, the first being the infamous WannaCry attack which occurred in May.
This attack, said to be of the Bitpaymer variant, struck the organization on Friday, causing some operations to be canceled over the weekend. The NHS security systems were unable to detect the malware because it was a new variant, leading many to believe they’re still using very basic software.
The IT team worked tirelessly over the weekend to contain the outbreak while patients were instructed to not visit their local hospitals unless it was an emergency.
NHS Lanarkshire chief executive, Calum Campbell, made a statement on Friday claiming, “While the issue is being resolved out staff have been working hard to minimize the impact on patients and we apologize to anyone who has been affected.”
It’s currently unclear how the systems were infected by the new ransomware variant, but if history repeats itself, a phishing attack could be a likely attack vector.
It’s believed that NHS Lanarkshire was one of the worst affected by the WannaCry attacks, which impacted more than 200,000 victims in 150 countries.
It’s vitally important that the NHS take the necessary steps and implement basic security best practices. NNT recommends the CIS Critical Security Controls as a basis for sound cyber security. We also have several Ransomware Mitigation Kits available, comprising the necessary automated vulnerability checks and also the Group Policy/Puppet templates to automatically fix any weaknesses identified. To learn more or to request your own personalized ransomware mitigation kit, click here.
Read this article on InfoSecurity Magazine