Government braces itself for further cyber attacks
15 May 2017
The National Cyber Security Centre (NCSS) has warned that the UK will likely suffer additional cyber attacks following last week’s global security breach.
On 12 May, a coordinated ransomware attack besieged more than 75,000 computers in at least 99 countries. In the UK 48 National Health Trusts fell victim to the attack, which locked computers and demanded payment to access locked files. It left the NHS in a state of crisis with doctors unable to access patient records for several hours.
No group has taken responsibility for the attack but the attack was drawn from the exploits stolen from the National Security Agency in the United States. That theft was publicly reported earlier this year. A month prior, on March 14, Microsoft released a security update to patch this vulnerability and protect its customers. While this protected newer Windows systems and computers that had enabled Windows Update to apply this latest update, many computers remained unpatched globally. As a result, hospitals, businesses, governments, and computers at homes were affected.
The NCSC released a statement saying further attacks are imminent: “It is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks.
“This means that as a new working week begins it is likely, in the UK and elsewhere, that further cases of ransomware may come to light, possibly at a significant scale. Our national focus must therefore be on two lines of defence. The first is to limit the spread and impact of the attacks that have already occurred. Due to broad government and partner efforts, a variety of tools are now publicly available to help organisations to do this. This guidance can be found on our homepage at www.ncsc.gov.uk.”
Speaking after an emergency COBRA meeting, Home Secretary Amber Rudd said the NHS must learn from the attack. She told Sky News: “If you look at who's been impacted by this virus, it's a huge variety across different industries and across international governments.
“This is a virus that attacked Windows platforms... I don't think it's to do with that preparedness. There's always more we can all do to make sure we're secure against viruses, but I think there have already been good preparations in place by the NHS to make sure they were ready for this sort of attack.”
Microsoft president and chief legal officer Brad Smith has criticised the way governments are stockpiling cyber vulnerabilities. He said: “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organised criminal action.
“The governments of the world should treat this attack as a wake-up call. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world.”