Wannacry: one year on

Posted on 26/06/2018 by vmwareemeasmt
DISCLAIMER: this article is older than one year and may not be up to date with recent events or newly available information.

By Andrew Watson, Network and Security Systems Engineer, VMware

In May 2017, the Wannacry outbreak caused significant disruption around the world. The UK National Health Service (NHS) was notably affected, with the result being cancelled patient treatments and long delays. Across the world, the attack also caused critical outages and generated plenty of global news coverage.

This blog takes a look at what has changed during the last 12 months, and what still needs to be done to ensure the risk of such a scenario happening again is minimised.

The good
There are many positives to consider. The response from NHS staff should be highlighted as being exemplary. The work that went into preventing the loss of service to patients and recovering from impacted sites should not be forgotten. The excellent working relationship NHS IT staff have with industry vendors and partners should also be noted.

Another worthwhile outcome is that cyber security now has a stronger focus at an executive board level in local trusts. The evaluation of services and undertaking of risk reviews can only be a step in the right direction as local trust managers realise the important issues on the risk registers.

Finally, the threat of incidents is now very much in the public mind. Non-IT staff in the NHS are also much more conscious of attacks. Awareness campaigns and training are being delivered to a receptive staff audience as threats are now taken a lot more seriously.

The bad
Policy, policy, policy. Much has been written in the press about the central decisions being made to prevent a repeat of Wannacry. However, most of these recommendations are not mandated and are based around behaviour and process. There is a danger that relying on simply following a policy could become a tick-box exercise to comply with audits, rather than ensuring strategic security decisions are being made to adapt to new threats.

Patch management is an overriding theme for the recommendations. This is not always easy to achieve with multiple disparate systems operating in an ‘always available’ environment. The element of risk in patching a multi-million pound MRI scanning service that could provide lifesaving diagnosis in the clinical pathway should not be underestimated.

Public perception from Wannacry was that all of the NHS used outdated systems and relied on Windows XP. This was an untrue blanket statement that overshadowed some of the fundamental issues at play. The view also didn’t do justice to the few trusts that still have an XP presence for legitimate reasons.

Legacy security controls, such as increasing perimeter security and patch management, are the main focus of technical recommendations. Yet there’s little advice on how new technology and techniques can help prevent the spread of threats once they’re inside an organisation (e.g. micro-segmentation). A forward-thinking approach to securing patient data will enable the NHS to assure the public that they can be trusted with their critical information.

The future
There have been a number of reviews and recommendations over the last year. The main area of concern is that local trusts should be identifying better methods of stopping threats in the first place – essentially creating a zero-trust network. The NHS will continue to be the target of threats (be it malicious or accidental) in years to come. Ensuring breaches are contained will limit the impact to the public.

It is imperative that the general public has the confidence in the NHS’s ability to secure their data, particularly with new schemes such as the data opt-out programme. As the public demand more control and visibility over their own medical records, the NHS must prove they are taking appropriate steps to secure their patients’ personal data. Only then can they continue to conduct lifesaving medical research and improve interoperability of patient services.

What can VMware do to help?
With more interconnected services than ever before, along with a need to provide citizens access to records, provide better collaboration between trusts, make available more connected medical devices, and an aspiration to be paperless at the point of care – how can healthcare bodies keep up with the pace of change?

Applications change too quickly for security to be a bolted-on afterthought. By architecting security controls directly into the network and adding a virtualization layer on top of where applications live, apps and data are secured automatically, even as they change and grow over time. VMware gives security teams the ability to define network security policy on a granular level and respond with precision to detected threats on data centre endpoints. This ensures the deepest level of security possible while simultaneously limiting interference with end users and patients.

VMware NSX embeds security functions right into the core of the data centre out to the rest of the network, including end user computers and medical devices. It delivers granular security to individual systems and services, enabling a fundamentally more secure environment.

Security policies travel with the workloads, independent of where they are in the network. NSX enables micro-segmentation and granular security of workloads in virtualized networks, isolating sensitive systems and reducing both risk and scope of compliance. Applications and data can reside and be accessed anywhere, moving workloads from one data centre to another by deploying them into a hybrid cloud environment (all with inherent security at the core of the service).

If you’re interested in understanding how VMware Networking and Security technologies can secure your medical records, create a secure clinical desktop, protect legacy workloads and vulnerable medical devices, simply contact us to learn more.

Category: News & Highlights

Tags: , ,

Related Articles

Posted on 24/04/2020 by vmwareemeasmt

Empowering Business Continuity and Online Education at WSB University in Wrocław with VMware Horizon

The COVID-19 outbreak has forced academic staff and students around the world to stay at home. As a result, many universities had to stop teaching. However, thanks to VMware technologies, the WSB University has managed to maintain its business continuity. The implementation of the VMware Horizon solution is enabling the university to conduct online classes, […]

Posted on 01/07/2019 by vmwareemeasmt

How our customers benefit from secure application infrastructure

It’s safe to say, the nature of applications has fundamentally changed. In the past, apps never left the data center. Now, they are widely distributed across several virtual servers, containers, and physical servers. As a result of this, traditional perimeter security strategies are now ineffective. Why? Because apps and data need security that follows them […]

Posted on 29/03/2019 by vmwareemeasmt

Three pillars to a new way of working

Andy Philp, EMEA Solutions Marketing, VMware As the world becomes more closely connected, workforces have become more diverse and blended. Work is no longer confined to a place, rather it has become about making things happen – wherever you are, and however you work. A new report from IDC ‘Becoming “Future of Work” Ready: Follow […]


No comments yet

Add a comment

Your email address will not be published.

This site uses cookies to improve the user experience. By using this site you agree to the privacy policy