Wannacry Cyber Attack
On the morning of May 12th 2017 a cyber attack, named Wannacry, was launched. This reportedly affected over 230,000 computers in at least 150 countries around the world. ¹ The ransomware locked people out of their computers and demanded payment in Bitcoin to unlock them.
Most of the attacks targeted Russia, Ukraine and Taiwan. Some Chinese universities, Spanish Telefonica, Russia’s Interior Ministry and FedEx also reported that they had received the ransomware. Nissan Motor Manufacturing UK and Renault stopped production at several sites. ² Nowhere in the UK was as hard hit by the cyber attack as the NHS.
Impact on the National Health System
A document released by the NHS in February of 2018 titled ‘Lessons Learned Review of the Wannacry Ransomware Cyber Attack’ shared the following information about the impact of the attack,
‘In total, 1% of NHS activity was directly affected by the WannaCry attack. 80 out of 236 hospital trusts across England were affected, which means that services were impacted even if the organisation was not infected by the virus (for instance they took their email offline to reduce the risk of infection). 595 out of 7,4545 GP practices (8%) and eight other NHS and related organisations were infected.’
The Department of Health and Social Care’s (DHSC) report on the matter estimated that the attack cost the NHS £92m in total. It led to 19,000 appointments being cancelled over the following week.⁴
Preparing your Business
In a cyber attack, or similar situation, it is vital management are able to contact staff through channels that avoid the infected systems. Businesses need to have a way of passing crucial information to staff. A method without using their company intranet or any at risk software.
HRnews.co.uk suggests that companies prepare in advance,
“Mass notification must be ready to go at a moment’s notice… during an emergency, messages may need to be sent to individual groups,” ⁵
They stress the importance of having an app that is independent from company software. One that can be used by management to contact workers or vise versa,
“All staff should have the ability to trigger an alert from the App on their phone that notifies a response team at their company.” ⁶
Utilising External Systems
One company that has these features is Ok Alone, the lone worker App. Ok Alone is an app that runs independently from company intranets or software. Having a system that can be run entirely through phone lines allows management to send alerts to workers when email has been compromised.
Ok Alone has the ability to send out mass notifications to all staff simultaneously or allow those monitoring the situation to choose specific groups to contact. This would be the fastest method of informing staff that there was a situation that required their attention.
Ok Alone also has features that allow workers to contact management directly. The ‘Help Button’ sends an alert to their supervisor that they need immediate assistance and to be contacted. Workers also have the option of sending a written or voice message directly to the person monitoring a situation.
Companies should be using a lone worker app that runs independently from corporate systems. By cutting out software that is vulnerable to ransomware or corruption companies are giving themselves a way to contact staff in the event of a cyber attack.