“One of the reasons why HE could be targeted by cyber criminals is that it holds lots of personal data and intellectual property that can be sold to information brokers”
As details of a recent ransomware attack on a top UK university unfold this week, Andrew Blyth, director of the Cyber Defence Centre at the University of South Wales, reflects on the lessons learned from the Wannacry cyber attack on the NUS and how the higher education sector can arm itself against cybercrime.
How did the NHS Wannacry attack happen and why?
There are two major lessons that we can learn from the Wannacry ransomware outbreak of May 2017. The first is the need to practice basic cyber security hygiene in terms of patch management, antivirus and firewall management. The reason for this is that the Wannacry ransomware used the MS17-010 vulnerability to attack unprotected computer systems. Microsoft had, in the weeks before the Wannacry outbreak, published a patch which was developed in response to the MS17-010 vulnerability. You may say that if all systems had been patched then the outbreak on the NHS systems would not have happened.
However, such a simple assertion ignores the second lesson.