Secure Software and the NHS Hack

Last week a vicious, and highly effective, computer virus infected IT systems across the globe. Commercial and educational organisations in Asia were down, Germany’s railway system was affected, even US courier giants Fedex weren’t immune to the virus and here in the UK our health system was hit worst. The NHS, including GP surgeries, pharmacies and hospitals were left with reduced functionality, with some facilities cancelling appointments altogether, including planned surgeries.

The majority of this cyber-attack is ‘ransomware’, where the aim of the virus is not just to cause disruption, but to hold information and systems to ransom, promising to grant access to data and the return of a fully functioning system, only after a fee has been paid. As with any malicious demand for money however, there is no guarantee that the agreement will be upheld from the ‘kidnappers’ side once the ransom has been paid.

Many speculated that the NHS IT systems were vulnerable because they were still using outdated software – Windows XP – which was more susceptible to hackers, but this has since been shown to be true in only a small number of cases. Some commented that old versions of Windows continued to be used by the NHS because the hardware in hospitals would not run on any later versions of the operating system. We may never know all the factors that left the health service so open to attack, and it is likely to be a combination of many variables, but the important question is ‘what can we do about it?’

As software developers, security is a primary concern from the outset when writing any commercial, or private, software. At Naked Element we build systems with the future in mind, in a way that allows for updates and adjustments. We use predominantly non-Windows based operating systems, such as Linux, to develop and host the software we write. Among the many advantages to developers, non-Windows systems are also less appealing to hackers, as they are not widely used on desktop computers, but they also tend to have fewer security loopholes as they are not as accessible to the everyday user. We also choose our cloud storage provider based on security, as well as cost, because a hacker cannot hold your data for ransom if you already have it backed-up safely elsewhere!

As the NHS and other big organisations around the globe wrestle with this latest cyber attack, it is a reminder to us all that, in our ever increasing digital age, cyber security is critical. As hackers become a central concern for institutions who might be vulnerable in the future, it is vital that software should be designed to be as ‘futureproof’ as possible.

Words by Lauren

Leave a Reply