NHS cyber attack: How to protect yourself against ransomware

Installing new patches and computer updates, avoiding dubious websites and downloads, and backing up important files are key steps

Screenshots shared online purportedly from NHS staff, show a program demanding $300 (£230) in Bitcoin
Screenshots shared online purportedly from NHS staff, show a program demanding $300 (£230) in Bitcoin

The risk of being infected by ransomware can be reduced significantly by taking the usual computer security steps, such as ensuring patches and updates are installed as they are released by software firms.

According to the National Cyber Security Centre, an arm of intelligence agency GCHQ, the hackers will exploit vulnerabilities in operating systems, web browsers, plug-in and application that have often been known about for some time.

“Software providers will have made patches available to mitigate them. Deploying these patches, or otherwise mitigating the vulnerabilities, is the most effective way of preventing systems being compromised,” the NCSC’s website says.

“However, as well as patching the devices used for web browsing and email, it's important to patch the systems they are connected to, since some ransomware is known to move around systems, encrypting files as it goes.”

The centre also suggests companies, which tend to be targeted for ransomware, should prevent staff from installing software on their computers without authorisation from an administrator.

“Remember that users may sometimes legitimately need to run code that you have not pre-authorised; consider how you will enable them to do this, so that they are not tempted to do it secretly, in ways you can't see or risk-manage,” it suggests.

​Websites should also be filtered so that people will not click on a site that could contain the virus.

The effect of a successful ransomware attack can also be reduced by restricting access to parts of the company system to those who need to use them.

“Good access control is important. The compartmentalisation of user privileges can limit the extent of the encryption to just the data owned by the affected user,” NCSC says.

“Re-evaluate permissions on shared network drives regularly to prevent the spreading of ransomware to mapped and unmapped drives.

“System administrators with high levels of access should avoid using their admin accounts for email and web browsing.

“Ransomware doesn’t have to go viral in your organisation; limit access to your data and file systems to those with a business need to use them. This is good practice anyway and, like many of the recommendations we make here, prevents against a range of cyber attacks.”

It also recommends having a secure back-up of files on machines that are not at risk of ransomware.

Anyone suffering a ransomware attack or online fraud can contact Action Fraud at www.actionfraud.police.uk.

“It is a matter for the victim whether to pay the ransom, but the National Crime Agency encourages industry and the public not to pay,” the NCSC says.

The centre also runs a commercial scheme called Cyber Incident Response, where certified companies provide crisis support to affected organisations.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in