This weekend the Scottish health board NHS Lanarkshire publicly apologised after a ransomware attack in May 2017 that left the hospital in disarray. The board was one of the eleven health boards to be attacked, forcing them to temporarily shut down their IT systems in order to keep the attack from spreading /1/. Personnel were unable to access e-mail, patient files, and appointment records, and as a result many patients were sent home or asked to seek care elsewhere while Lanarkshire dealt with the damage.
Ransomware held patient data hostage
The ransomware that attacked eleven of fourteen NHS health boards took advantage of networks rendered vulnerable by the use of outdated software /2/. Ransomware is often spread through emails containing links to malicious websites or ZIP files. When a user clicks on the website or opens the ZIP, their data will be encrypted so that it is no longer accessible. The malware then demands that the user pays a certain amount in Bitcoin in order for the data to be decrypted /3/.
The perpetrators set the ransom amount low enough that a company may decide to pay the cost instead of hiring a professional to save the data. If the data has not been backed up, the company will ultimately have to pay some price so that their data is not lost /3/. Ransomware essentially holds devices hostage, which is dangerous for organisations such as the NHS, whose infrastructure provides that the malware can be spread easily to many computers. The potential damage of such an attack is a major threat to such organisation and is illustrated perfectly in the case of the NHS.
Cyber-attacks a somber threat for government agencies
Ransomware essentially holds devices hostage, which is dangerous for organisations such as the NHS, whose infrastructure provides that the malware can be spread easily to many computers. The potential damage of such an attack is a major threat to such organisation and is illustrated perfectly in the case of the NHS.
The threat of cyber-attacks hails the question of what organisations can do to protect themselves. Large organisations with many computers face tremendous costs when they want to keep their software up-to-date as a measure of protection from and attack they are not sure will happen.
Why Blockchain can boost cyber-security
In the case of the NHS the use of centralised databases made the potential of the destruction of the data on one server a tremendous threat and thus advantage for a ransomware attack. Had they been using Blockchain technology to save critical records, especially those containing patient information, their data would not have been so enticing for such an attack. Blockchain distributes many copies of data throughout an overall data bank, so when one node fails, the user can keep working with the database. The stakes of the loss of data on one node are thus clearly lower with Blockchain.
If the data was distributed, the perpetrators of a ransomware attack would have their work cut out for them in order to reach the point where they could hold all of the data hostage. A company’s investment in Blockchain technology may be, then, more powerful in deterring cyber-attacks as well as more cost-effective than constantly having to update software for hundreds or even thousands of computers.
To learn more about Blockchain and its benefits for your company, you can contact us here.