In what could turn out to be the biggest, most impactful Ransomware attack to date, the BBC reported today that, “NHS services across England have been hit by IT failure, caused by a large-scale cyber-attack. GP surgeries and hospitals in London, Blackburn, Nottingham, Cumbria and Hertfordshire are among those whose computer systems have been affected. Staff cannot access patient data, which has been encrypted by ransomware that hit NHS networks.”
Reports online claim anywhere from 11 to 16 hospitals are affected, with ambulances being rerouted to emergency clinics at hospitals that have not been impacted.
As we noted in a post earlier this year, “A recent SonicWall Threat Report states that the number of Ransomware attacks increased from 3.8 million in 2015 to 638 million in 2016. What’s even scarier is that companies are actually paying the ransom without reporting the attack out of fear of damaging their brand name. Although tough to estimate, SonicWall reports that $209M was paid out in ransom to hackers in the 1st Quarter of 2016.”
Why don’t security solutions stop the attacks?
Most of these companies and hospitals have security systems in place. So what happened? According to ArsTechnica, “Multiple sources point to this ransomware attack being based on the EternalBlue vulnerability, which was discovered by the NSA but was leaked by a group calling itself Shadow Brokers last month.” Vulnerabilities are known so hackers take advantage before security teams are prepared.
So what do you do to avoid being next?
The best strategy is to implement a security solution AND use a disaster recovery solution with Point-In-Time recovery to avoid damage from an attack. The former helps prevent attacks, but the latter helps even when the security software fails. How? Solutions like Zerto allow users to roll back to a consistent point in time before the attack, and simply “erase” the attack from ever happening. Think that sounds impossible? Many Zerto customers are doing this today. Watch one of our customers in this video explain how they avoided paying the ransom after an attack.
With better planning, paying a ransom could and should become a thing of the past.