Thousands of sensitive files have reportedly been compromised in a ransomware attack affecting Barts Health Trust and its four hospitals, The Royal London, St Bartholomew’s, Whipps Cross and Newham. The trust has limited access to a number of files in line with contingency plans and is investigating the incident. It’s unclear how much ransom is being requested.
John Bambenek, Threat Intelligence Manager at Fidelis Cybersecurity comments,
“Hackers are certainly going full steam ahead with ransomware attacks in 2017 and the latest suffered by Barts Health Trust is a testament to this. The trouble is that local authorities and governments aren’t very prepared and they have extremely valuable information that simply can’t be lost, so they’re a tempting target for cybercriminals. In this case, the use of unsupported Windows XP and file-sharing, greatly increased the exposure of Barts Health Trust to this attack. One of the best defences against ransomware is making sure machines are fully patched and using only supported operating systems. Windows XP has been end-of-lifed for some time, more than enough time for Barts to find a migration path to a more modern and safe operating system.
“Hopefully, the Trust will have the ability to recover from a complete loss of data, most notably a robust data back up system, given it’s unclear exactly what data has been held to ransom other than than it’s sizeable. This is also the reason it is essential to continuously monitor the network for anomalous behaviour that could potentially indicate an attacker is inside the network. Cyber defence is essential, but it’s no longer enough, organisations of all sizes need to invest in detecting threats as well. Only then will cyber criminals be caught early enough to expel them from the network before serious damage is done.
“While we can tout the advice ‘only pay the criminals, never pay the ransom’, if you’re up against a wall, often there is no other choice. That said, in this incident, it appears that the Trust does have contingency plans in place, which is commendable.”