(c) 2014 www.bluecoat.com under CC BY-SA 2.0It was only a year ago that the global ransomware attack WannaCry was infecting more than 230,000 computers, spanning at least 150 countries. In the UK, we saw the story garner many column inches and public opinion centred on an overwhelming concern about the consequences on healthcare organisations.

In February, the NHS released the report ‘Lessons learned review of the WannaCry Ransomware Cyber Attack’. It was written by NHS’ Chief Information Officer for Health and Social Care, William Smart. In this report, the CIO explained that a cybersecurity researcher activated a ‘kill-switch’ on the evening of Friday 12 May. This had the effect of stopping WannaCry infecting further devices. Without this intervention, it is likely that the impact that WannaCry had on services would have been even greater. But what if that man hadn’t stopped the ransomware?

In this article we go through the cloud solutions that could’ve been leveraged to avoid the incident. You’ll be surprised to see how, by using these, the NHS could have mitigated the risk of sensitive data falling into the wrong hands, and quickly recover from such an attack.

Is data more secure in the cloud?

After your data has been encrypted by a ransomware, recovering it is almost impossible, thus, investing in prevention seems to be the securest solution. The first step would be creating secure backups of sensitive data on a regular basis. In case of a ransomware attack, you need to physically disconnect the storage device to avoid it being infected. In this type of situation, it would be best to keep your data backed up in the cloud rather than on-premises.

In an ideal world, the best solution would be to be warned early enough, so you can quickly isolate a ransomware infection and recover important data before the entire network is affected.

Some CSPs have enhanced their solutions, for example here at iland we now offer:

  • deep packet inspection
  • encryption
  • antivirus
  • anti-malware scans
  • and integrated reports for compliance and regulatory audits.

These services can include:

  • vulnerability scanning
  • monitoring of changes to critical files and application control which helps limit or block network access for certain applications firewall event
  • identification and prevention of DDOS and other cyber-attacks
  • web reputation monitoring and control
  • proactive quarantine of known viruses and malware

It is important here to outline that, when confronted by a ransomware attack, your weakest links in the security chain are your endpoints. Therefore, users’ devices must be protected with AV protection, regular backups and anomaly detection.

DRaaS, the ultimate prevention?

At the time, public opinion was primarily concerned about the consequences of WannaCry’s encryption of NHS patients’ data files and medical systems. However, what caused most damage was the downtime. Moreover, even though a simple backup will let you restore your production database, this will take much more time than a DRaaS solution.

DR is a system of replication combining software and the cloud designed to minimise downtime. It creates a copy of the VM at a secondary location and can fail-over in seconds or minutes. Instead of simply having backups, DR allows organisations to devise a recoverability strategy for when a disaster strikes. This enables them to failover production systems and get the organisation back up and running quickly.

DRaaS involves the engagement of a cloud service provider that facilitates some or all the recovery process and hosts the replicated systems in their cloud. DRaaS provides more benefits to healthcare organisations than secondary sites by providing geographic diversity and the support of an engaged third party to help in an emergency.

Has it convinced healthcare organisations?

While consequences could have been much worse, healthcare organisations became more conscious of the importance of having robust security. This is when cloud computing was looked at as a one of the best threat response strategies. The automation that can be applied to the cloud and the scalability of its monitoring and threat detection means that it’s easier to detect and manage incidents. In terms of security, it shows a proactive process that allows organisations to manage incidents more effectively and enhance malware prevention.

Earlier this year, the Secretary of State for Health and Social Care, Jeremy Hunt, signed off on the first official guidance aiming to help the UK’s National Health Service moving to cloud. The cloud will help them to provide reliable disaster recovery, support for agile deployments, and a freedom from maintaining hardware. However, many seem to still be resistant to this move due to compliance concerns.

IT departments in healthcare firms often don’t have the time or resident expertise to confidently solve the cloud compliance problem. This could be due to identifying and implementing the proper controls in the cloud, passing an audit on cloud resources, or keeping up with changing regulations.

However, they don’t have to do it alone. Here at iland we have brought together cloud, security, and compliance into one, seamless platform, enabling organisations to get access to the security controls required by the regulators, the reports needed to complete an audit, and the support from in-house Compliance teams, to answer any questions.

Healthcare organisations should be urged to embrace the cloud, not only because it is an opportunity to reduce cost. Cloud technology also stimulates innovation, offers greater security and easier scalability than traditional solutions.


iland-logo

iland is a global cloud service provider of secure and compliant hosting for infrastructure (IaaS), disaster recovery (DRaaS), and backup as a service (BaaS). They are recognised by industry analysts as a leader in disaster recovery. The award-winning iland Secure Cloud Console natively combines deep layered security, predictive analytics and compliance to deliver unmatched visibility and ease of management for all of iland’s cloud services. Headquartered in Houston, Texas and London, UK, iland delivers cloud services from its data centres throughout the Americas, Europe, Australia and Asia. Learn more at iland.com.


LEAVE A REPLY

Please enter your comment!
Please enter your name here