WannaCry was the most devastating cyber-attack of 2017 to-date. It had a colossal impact on organizations across the globe, it infected over 200,000 computers in 150 countries which crippled everything from hospitals to logistics firms. While it would still take months for the forensic investigators to assess the total impact of WannaCry, the attack has surely provided a timely wake-up call to businesses in every industry about the importance of security. Keeping this very thought in mind here are the five key learnings from the WannaCry cyberattack to help you protect your organization.
Five Key Learnings From The WannaCry Cyberattack
1. Update Immediately
Want to publish your own articles on DistilINFO Publications?
Send us an email, we will get in touch with you.
According to theory, the overall impact of the WannaCry ransomware could have been minimal as Microsoft on 14th March 2017 rolled out a patch for the vulnerability. But reports suggest that only 10 to 15 per cent of the businesses around the world had implemented the critical update. Most of the businesses who fell victim of WannaCry were unprotected. This is the first and the most important lesson of WannaCry, i.e. business leaders should appreciate the importance of security updates.
2. Medical Devices: A Point Of Concern?
Precisely, WannaCry was successful in attacking the Bayer Medrad radiology devices. This was the first ever known hacks of medical devices. The major concern about medical devices is that it is directly linked to the condition of the patient. Hacking of EHR system is problematic and disruptive and hacking of medical devices can be in theory life-threatening.
3. Cybersecurity Should Be A Strategic Priority For Healthcare Providers
Traditionally the importance of cybersecurity has been low on hospital executives. But, tight operating margins and old technology can create an unfortunate breeding ground for cyberattacks as health data are some of the more sensitive data for patients — and the most profitable for hackers. The key aspect for improving cybersecurity in healthcare is to make it a strategic priority.
4. Healthcare Industry Is New To Using IT
It is a truth that most of the healthcare providers are new to the idea of a digital environment. While other industries had enough time to figure out how to keep their systems secure, the healthcare industry could not. Healthcare organizations should adopt EHRs and ensure that the system is updated, but this is a time-consuming task and involves cost. Health systems also have to ensure they are complying with patient privacy and laws like HIPAA. But again, the while things become more convenient they also tend to become more vulnerable.
5. The Real Threat Of Ransomware
WannaCry demanded a ransom of $300 to $600 range, and most organizations chose not to pay them. As of May 12, one consultancy estimated that only $100,000 in total was sent to hackers, so practically no was going to get independently wealthy off this hack. But if a more successful effort than WannaCry is made it could actually bring the healthcare industry to a halt without getting the ransom in return.
It is important to remember, that cybersecurity is not a perfect science. It is practically not possible to thwart every cyber-attack ahead of time, it is more like the game of chess. Healthcare organizations need to implement a good strategy which should be capable to swing the odds in their favor.
Date: 30 May, 2017