Could you be attacked like the NHS?

Andrew Rowland | 7 June 2017 | 0 comments

The WannaCry virus that so devastated the NHS at the end of May is indiscriminate. The NHS was not targeted specifically: it was just particularly vulnerable because of the number of old computers it has, but world-wide 300,000 computers in 150 countries were affected and many companies, including giants like FedEx, fell victim to the attack.

The nasty thing is, the virus encrypts (scrambles) all your files leaving you unable to access your documents, photos and videos unless you pay a sizable fee – which is why this sort of virus is called ransomware. A window pops up on your screen giving instructions on how to make a payment, in return for which the criminals claim they will provide a decryption key that lets you unscramble the files. Certainly without the key, decrypting them would be impossible. You don’t have to be a rich organisation or have ‘something worth stealing’ to be affected. With ransoms to the tune of £230-£460 demanded, the criminals will be as content to take your money as anyone else’s. And there is no guarantee that the key will work.

So how did it spread? As was widely reported at the time, it used a flaw in Microsoft Windows to infect machines, spreading with the aid of another virus known as a worm, which can spread from machine to machine without the users even doing anything. It is believed that the flaw had been spotted by America’s spy agency, the NSA, who were using it for their own spying activities. It got leaked along with a bunch of other exploits, giving criminals a huge helping hand. However, the particular flaw used by WannaCry had already been patched by Microsoft a month earlier – the only computers affected had not been kept up to date. Incidentally, the vast majority of affected machines were running Windows 7, a current, supported operating system, and not (as some people initially assumed) the now-retired Windows XP.

There was a lot of criticism of the NHS in the media for this situation, but to be fair to them, no large organisation updates all of its computers the moment a patch is released. They test the patch thoroughly first to make sure it won’t cause other problems and is compatible with their mission-critical software. The annals of IT departments are rife with stories of self-inflicted chaos caused by deploying insufficiently tested updates. So for the NHS to be one month behind is normal and even wise.

But home users don’t have that excuse. While a badly behaved update might cause you inconvenience, it is unlikely to be as disruptive or destructive as a virus infection like WannaCry. Let’s face it, you don’t have special machines where you install Microsoft updates each month and run a battery of tests before allowing them onto your main PCs and laptops, do you? So set Windows Update to install updates automatically and co-operate when it wants to reboot. Annoying perhaps, but those relatively infrequent interruptions could be keeping you safe from something far worse.

Finally, make sure that Windows Update is actually working. I have had several computers in recently that hadn’t been updated for over a year and the owners had no idea. It does break sometimes – if the history has nothing recent in it (less than a month) or updates are listed as having failed, get it fixed quickly!

And as I said in my last blog, don’t imagine that if you have an anti-virus program that you are safe. While anti-virus is a very important protection, you must also install fixes for vulnerabilities and make backups!

© Andrew Rowland 2017

Vista expires on 11 April
Blog Contents Page
Do you need surge protection?

Comment or Ask a Question