Get used to ransomware and outages, says infrastructure exec
Infrastructure Management

Get used to ransomware and outages, says infrastructure exec

Ransomware is here to stay and the UK’s Health Secretary Jeremy Hunt better get used to it. The recent WannaCry ransomware attacks played havoc with a number of UK hospital trusts prompting Hunt’s knees to jerk towards an idea, reported in the Financial Times, that hospitals should be rated on data security. With around 70,000 NHS devices still running Windows XP, the issue is surely more about funding than about individual hospital data management, however. Rating them is missing the point.

In the fast-growing data economy, the National Health Service, like any public body in any country, needs to have a centralised policy on how to keep data secure. Data has become a key element of infrastructure and as such needs investment and a plan to protect it. Using ratings as a threat to shame hospitals is not a policy.

Ransomware is not new, not even to the NHS. It’s been around for ages and in February, digital workspace company RES published a report saying that between 2015 and 2016, 88 NHS trusts had been attacked by ransomware. Lessons have clearly not been learned, whether it’s individuals not updating software patches or clicking on malicious emails or governments not taking the issue seriously enough.

Richard Agnew, who works as a vice president for software company Veeam in the UK and Europe, believes that organisations like the NHS, governments and even businesses have to start thinking differently to cope with the rapid rise in cybercriminal activity. Facing the problem head on, he says, by which he means just putting more security software in place, is just one step towards tackling the issue. Human error, software bugs and crashing hardware are not going to go away.

He points to recent service outages too at places such as Virgin Money, WhatsApp and British Airways and says these things are “always going to happen.” He’s right of course, so can we legislate for it?

“The biggest ones are usually human based, someone applies a wrong patch, someone turns something off when they shouldn’t have, things go wrong,” says Agnew. “Like ransomware, you have to work on the assumption that it’s going to happen and look at how you can recover quickly from it. No, you can’t legislate for it.”

Agnew’s point of course is that if you have good data backup technology and policies in place, it lessens the impact of ransomware. If you know you have your data safe and that you can bring it back (through a series of tools which ensure the back-up is not infected) then ransomware becomes less effective as a means of extortion. That’s the theory anyway.

Agnew’s employer, Veeam, has a vested interest of course. It provides the software that manages data back-ups and the tools to test it and bring it back into a business. Does he have a point? Certainly the NHS could have done with a more robust policy on data security and storage but it wouldn’t necessarily have stopped the problem, but it would, says Agnew, “have made the recovery process less painful.”

PREVIOUS ARTICLE

«Which Enterprise Password Managers work the best?

NEXT ARTICLE

Is quantum computing nearly here yet?»
Marc Ambasna-Jones

Marc Ambasna-Jones is a UK-based freelance writer and media consultant and has been writing about business and technology since 1989.

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should companies have Bitcoins on hand in preparation for a Ransomware attack?