Following the mass ransomware cyber attack and the infection of the NHS systems last week, we thought it would be helpful to share some answers to your questions.

What is ransomware?

Exactly what it says on the tin; Ransomware is a particularly complex computer virus. If it gets onto a computer it searches for personal files, encrypts them and forwards the decryption code to an online server. When you next login a pop-up message appears demanding a ransom to unlock your files. The ransom is usually paid in cryptocurrency such as Bitcoin, and then you receive the code to unlock your files. Of course, paying the ransom doesn’t guarantee that you will receive a decryption key.

Ransomware Cyber Attack on the NHS

The media headlines suggest a deliberate attack on the NHS, but this is untrue. The ‘Wannacry’ virus exploited a weakness particularly found in Windows XP systems (still widely used by the NHS). And, although Microsoft fixed the problem three months ago, many larger organisations had not yet installed the patch. This is likely to be down to the complex nature of systems such as those employed by the NHS. It takes time for their IT teams to deploy patches; first ensuring that the patch doesn’t cause another problem. The old medical mantra of ‘first do no harm’ rings true here. Smaller companies can often install patches quickly as their systems are less complex. The real cost to the NHS will be potentially significant system downtime caused by the attack.

Backup and update

Backup your data! If you have a backup you can reboot your system to a point before a virus attack. The more frequently you backup, the less data you’ll lose by restoring to an earlier point. Your backup should be stored away from your principal system. If you don’t have a backup and have been infected by ransomware, stop using the system and contact your IT provider. They may still be able to recover some data. The longer you continue using your system, the more it reduces the chances of data recovery. As well as a backup, ensure you have the latest security updates for your operating system. Install and update high-quality malware and anti-virus protection.

The extensive use of Windows XP has contributed to the fast spread of this virus. Although Microsoft issued a patch for this particular virus; it doesn’t regularly issue security updates for XP. But XP systems were not the only ones affected. While this attack is primarily against Windows systems, other operating systems are always vulnerable to viruses. Even Macs can become infected with viruses.

Keep calm and be vigilant

Backing-up and ensuring up-to-date antivirus and operating systems will help protect against the current attack and future viruses. Use your system as normal, but be particularly careful about opening email links and downloading files. Remember that emails from friends and family might also be infected.
Your system is always at risk and will continue to be after this has blown over. The media has reported this event extensively because of the enormous scale and high profile victims. This is not a one off.

Off-site cloud data storage

CAS-Cloud and Document Storage is the ultimate off-site backup. CAS-Cloud allows clients to store their physical documents at our state-of-the-art facilities, but also to work with digital copies on a continuing basis through our secure, dedicated online portal. CAS-Cloud was developed specifically for our clients and is a completely secure and bespoke service. It runs on a bank of dedicated high-grade servers in a secure server room at CAS HQ. Cyber-attacks, malware and computer viruses, along with loss, damage, alteration and sharing of sensitive data are all too prevalent whether accidental or intentional. CAS helps to reduce these risks by defining user access and introducing multi-layered file permissions. Any activity performed on data stored in CAS-Cloud is recorded. The comprehensive audit trail remains for the life of the material.

CAS advanced network security

We would like to assure our clients that we continually strive for the highest levels of security. CAS’s fully accredited IT Services and Support partner, Promentum Ltd, routinely undertakes full scans of our network, in accordance with ISO/IEC 27001 compliance, using GFI LanGuardTM. GFI LanGuardTM is the predominant network security scanning tool employed by ISO/IEC 27001 auditors. The network vulnerability scanner and cross-platform patch management software performs over 60,000 susceptibility assessments, which extend to third-party applications and networked devices including switches, routers, access points, and printers. It is a complete vulnerability management solution, allowing scanning, detection, assessment and rectification of network security liabilities. GFI LanGuardTM provides the tools to remedy vulnerabilities and install missing patches on networks, including, but not limited to Adobe, Flash, Java, and routine Windows updates. It provides a holistic picture of a network set-up and assists in maintaining a secure network state quickly and efficiently. The system ranks amongst the top five products in its field globally.

Daily backup and secured premises

CAS servers, running on an uninterrupted power supply are backed up daily using advanced Quantum RDX Data Tape. Each day the cartridges are swapped over and that day’s tape secured in a Turtle RDX 10 padlocked case; waterproof and double-walled for extra protection against impact and temperature extremes. The case is then removed to an alternative building within our secure gated compound and placed in a securely locked Profile NT Fire 017 fire-resistant cabinet.

All members of staff have signed confidentiality agreements, and have been checked through either the Criminal Records Bureau (CRB) or the Disclosure and Barring Service (DBS). The secure gated perimeter is monitored using CCTV M12 Mobotix recording cameras, to ensure 24/7 record of any activity. Video and audio records are backed up off-site. The storage facilities are fitted throughout with an optical fire beam protection system and air quality monitoring. Redcare security alarms are linked directly to police and fire brigade.

Data Protection: DPA & GDPR

CAS is fully compliant with the Data Protection Act 1998 and registered with the ICO, registration number Z1281061. CAS is also compliant with new EU legislation contained in the General Data Protection Regulation (GDPR). The GDPR will apply in the UK from 25 May 2018, and the government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.

About Clarks CAS

CAS are experts at protecting medical data through comprehensive and secure document digitisation and information storage services. For more than 20 years CAs have worked with NHS Trusts, Financial Services providers, and corporate and private clients. Our head office is just four miles from the City of London, supported by our advanced storage centres across the UK. CAS has an impressive array of International certifications (ISOs), which prove our compliance with the strictest national, European and international laws. They also demonstrate our commitment to provide innovative systems on security, confidentiality and quality control in keeping your files safe and well managed.

For a free, no obligation quote please contact our specialist team