No doubt you would have seen in the news that the NHS has been subject to a cyber attack, a type of attack known as Ransonware. Simply put your computer gets locked and you are forced (in theory) to pay fee to get it unlock.
There are two main things that spring to mind when I heard about this attack. Security and Outsourcing.
Having started my career out as a network engineer, and one of only 4 CCNP is the UK. I known a thing or two about network security, oh yeah I also wrote the algorithm for the SSL protocol. What struck me is that the simplistic nature required for this type of attack. The basic issue with this type of attack is access. The virus needs to be put onto a computer, this normally comes from I of a couple of places. Email Attachment or direct (USB key, Disk, etc).
The attack is very rarely done from outside a network, as this creates a trail. Which can be followed.
So this attack had to get onto the network and with the increased amount of inexperienced IT people working today, this is now so much easier. Lack of security protocols in place in connection to emails, use of USB keys, etc means its easier to infect a computer than ever before, added to IT staff not aware of the dangers. We end up with a cyber attack.
Of course this is not to say it was not an inside job…
Then we move onto outsourcing, the NHS is actually run by third party privates firms, all of which act independent of the NHS. This means a weaker process than for internal NHS systems, meaning there is greater scope for hiring of the wrong inexperienced staff as well as greater scope for weaker IT security opening the door to the wonderful world of IT viruses.
So not only do we end up with infected NHS systems but peoples lives are put at risk!!! and WHY!! Just to save a few pounds.
So with my over 20 years experience in both IT security, networks, systems and Business processes and having worked for and improved and secured some of the largest companies on the planet. I can speak from experience in that firstly this attack should never have hit the NHS, and secondly this attack is that its not part of a larger attack, but has high lighted problems in the NHS in terms of who they employ and use for their services and in particular who they use for their IT function.
Lets not now get into shutting the gate after the horse ha bolted, but given the basic type of attack. Had the NHS areas infected had correct staff and security in place this would never have happened and with the correct backups in place, both restoring and recovery would be able to be done in a matter of hours, not stop everything from working and peoples lives being effected.