20 Feb 2020

NHS reduces major IT attacks since 2017 WannaCry Ransomware crisis

Since 2014, the NHS has suffered 209 successful ransomware attacks according to stats based on Freedom of Information requests. However, the situation has improved dramatically since 2017, the year WannaCry ransomware hit the health service.

 

 

The figures, posted in a report from research company Comparitech, highlight the following statistics since 2014:

  • 209 or more successful attacks, ranging from one computer to an entire system
  • No ransoms reported to have been paid
  • Estimated downtime of 206 days
  • Only 6 attacks were reported after 2017, the year of WannaCry, albeit with the caveat that 20% of hospitals refused or failed to respond to the survey

The research company sent the survey to 254 NHS Trusts, with 184 responding, 20 not responding and 50 refusing to hand over the information requested.

A September 2018 government report estimated the cost of WannaCry, aka WannaCrypt, to be up to £92m, most of which was incurred in the aftermath, restoring data and systems, rather than during the attack itself.

 


07 Jun 2019

Why has Windows XP received a new patch in 2019?

2014 was Microsoft’s official date for when Windows XP would stop receiving support. That held until 2017, when a patch was released to defend it against the WannaCry ransomware. Two years down the line, it seems Microsoft has released another new patch. But why?

Microsoft recently released patches for both Windows XP and Windows Server 2003. The reason behind this is said to be to fix a ‘wormable vulnerability’ that has the potential to cause as much chaos as WannaCry did back in 2017 if left unchecked.

 

On the 14th May 2019, Microsoft stated:
Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.

Now that I have your attention, it is important that affected systems are patched as quickly as possible to prevent such a scenario from happening. In response, we are taking the unusual step of providing a security update for all customers to protect Windows platforms, including some out-of-support versions of Windows.

Full Microsoft statement HERE

 
