UK National Health Service Suffers Crippling Wanna Decryptor Ransomware Attack

Last fall, we reported on a somewhat humorous report of a mere "reply all" email that managed to bring down email servers of the UK's National Health Service.  Unfortunately, we have something a bit more severe to report on today: an all-out cyberattack against the NHS.

At some point today, doctors at NHS had to begin turning away patients as a ransomware attack that affected NHS' most important servers reared its ugly head. Doctors and staff were immediately locked out of their computers, essentially meaning that patient data could not be accessed.

Queen Elizabeth Hospital Birmingham
Queen Elizabeth Hospital in Birmingham; Flickr: Tony Hisgett

It's not believed at this time that the attack will result in leaked patient data, but investigations are ongoing. The ransomware used in this case is Wanna Decrypter, which managed to affect 16 organizations. In a statement, NHS says that the attack wasn't targeted directly at its own agency, but that it "is affecting organisations from across a range of sectors.".

Also known as WannaCry, Wanna Decrypter immediately copies your data, encrypts the new version, and then deletes the old one, leaving the user in a vulnerable position to the attacker. As its name implies, "ransomware" demands compensation for the return of the data, making it some of the most infuriating malware going.

Wanna Decryptor Malware
Wanna Decrypter Ransomware

At this time, we don't know what the attackers in this case are demanding. The NHS says that it is working closely with the National Cyber Security Centre, The Department of Health, and NHS England to both support affected organizations and ensure patient safety.

Incidents like these highlight the fact that security is still not where we need it to be. Under absolutely no circumstance should an incident like this be able to occur. This in turn should help beef up defenses sooner, and better.