Malware

Malware (malicious software) is used by criminals to disrupt computer operations and access confidential information. Malware can be installed into your computer through clicking a link in an email, opening an attachment to an email, or by downloading software from a malicious source.

Malware is short for ’malicious software’, that is, any program that performs malicious activities. Malware comes with a wide range of shapes and forms, and with different classifications accordingly, e.g., viruses, Trojans, worms, spyware, botnet malware, ransomware, etc.

Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Cyber criminals then demand ransom in exchange for decryption.

In recent years ransomware attacks have become increasing prevalent and can have a severe impact on business processes leaving organisations without the data they need to operate and deliver critical services. The use of cryptocurrencies such as bitcoin to collect ransom payments is designed to frustrate attempts in tracing the cybercriminals.

The NHS Cyber Attack

In 2017, the NHS was one of several victims of a global ransomware attack known as ‘WannaCry’ which was distributed using a self-replicating worm. The worm exploited a vulnerability within the Windows operating systems and affected 300,000 computers in 150 countries.

The ransomware in this case, was delivered via emails which tricked the recipient into opening attachments and releasing malware onto their system through a phishing email. Once the computer had been affected, it locked up the files and encrypted them in a way that could not be accessed. Payment in bitcoin was then demanded in order to regain access.

Over a third of England’s NHS trusts were disrupted, with over 6,900 NHS appointments cancelled and some patients needing to travel further for accident and emergency care. Most of the NHS victims used systems for which patches were available but had not been applied, highlighting the importance of basic security practices.

NHS England and the National Crime Agency reported that no NHS organisation paid the ransom, but it is estimated that disruption to services cost the NHS around £92m.

  • Keep your firewalls and security software updated, setting updates to auto where possible.
  • Install the latest updates for your internet browser and operating system.
  • Only download files and software from trustworthy sources.
  • Be cautious of emails which ask you to follow a website link or open an attachment.
  • Run regular security scans on your devices.
  • Ensure you keep your important files backed up, stored off your network.
  • If your computer does get infected, disconnect from the network straight away and seek professional assistance.
  • Any cyber or data security incidents detected should be reported in the first instance to your organisation’s IT department. NHS organisations and staff can report cyber or data security incidents to the NHS Data Security Centre.

Help us improve cfa.nhs.uk

Tell us what's happened so we can fix the problem. Please do not provide any personal, identifiable or sensitive information.

Close

Thanks for the feedback!

Close