The WannaCry ransomware and how it (doesn’t) affect us

There’s been a great deal in the news over the past few days about the already infamous “WannaCry” (AKA “WannaCrypt”, “WanaCrypt0r”, “Wanna Decryptor” etc.) malware that’s spread like wildfire across the world, most notably infecting numerous NHS trusts. You may not already know that Isosec was built from a security background, we have cybersecurity expertise spanning 50 years. With this in mind we thought we’d let you know just what on earth is going on, how it might affect you, and how it, thankfully, doesn’t affect Isosec (despite the similarities in the name of other companies involved!).

What is it?

First and foremost we go onto the question that’s on most people’s minds; just what exactly is this thing? Well, “WannaCrypt” is a type of malware (malicious software) known as “ransomware”, which is software that will encrypt all of your most important files and folders, and then quite literally hold them ransom, asking you to make a payment in order to decrypt them for use (which more often than not is the worst possible thing you can do).

Now that the technical jargon is out of the way, a practical example. You receive an email with an attachment, you open this attachment and it runs a program on your computer, this program locks away all of your files with a password you don’t know, and then demands a sum of money in return for that password. Sound bad? It is! Ransomware has been around for many years in various forms, but what’s getting worse is not so much the programs themselves, but the way in which they spread.

In the case of “WannaCry”, the evidence thus far suggests that it’s capable of spreading across the entirety of a local network with ease, infecting every other computer on the network that isn’t up to date enough to protect against the vulnerability. Now if the “not up to date” part of that spiked your interest, that’s for good reason…

Staying safe

Whilst the usual security principles come into play here – always run an active anti-virus and keep a malware scanner to hand, don’t open unknown attachments, stay away from unfamiliar websites etc. – there is one that rises above all others in terms of importance; keep your computer up to date. The vulnerability in Microsoft’s Windows product that allowed the “WannaCry” attack to take place was fixed back in March of this year, meaning that the average computer was already safe by the time the attack began. But if you don’t regularly update – and don’t have automatic updates switched on – then you were, and possibly still are, at risk.

How this (doesn’t) affect Isosec

Due to the nature of Ransomware, attacks such as these are unlikely to affect us as a company. Our internal security policies keep us out of harms reach, and the fact we ship software rather than hardware means we’re not in the crosshairs of these sorts of attacks. But that doesn’t mean we can wash our hands of any responsibility, instead, it’s important to look at how we can help you to prevent these problems from happening.

Let’s use MIA Maternity as an example. MIA Maternity is completely offline-capable, and while that’s important for midwives who use our software in areas of limited or no connectivity, it’s even more important when a large scale cyber attack such as this one occurs.

This is because even though the Trust owned servers that hold the all important patient data might be compromised, the mobile devices remain functional, with a recent copy of all the patient data required to work. Midwives can continue to work without issue, and patient care isn’t compromised. Better yet, there’s no need to revert to older paper-based backups, midwives can continue to enter data into MIA Maternity, and it will be sent back to the server once the issue has been resolved by the Trust.

 

Here at Isosec we take security very seriously. It’s baked into how we make software, and is something on the minds of everyone here constantly.

EHI Awards: Finalists Announced

You may have read in our blog some weeks ago that we had been shortlisted for the EHI Awards 2015 in the Excellence in Mobile Healthcare category. At the time we didn’t know a lot about who else was involved or the overall process but we have a lot more to share as we are now…

Finalists!

As you can imagine we are very excited about this, so in this blog we thought it would share a little more about the process we’ve been through so far and how the big presentation day went.

Before that though, we would like to officially extend a huge thank you to Kathy Lanceley, who is Deputy CIO at Imperial College Healthcare NHS Trust for really driving MIA Maternity as a project forward over the last year. Kathy was kind enough to come to the EHI presentation day and present MIA Maternity for us from a user perspective. This was great for MIA as it wasn’t just us saying, ‘Yeah we have a great solution’ it was someone who uses it every day and has been through the whole collaborative design process with us. We are so grateful that Imperial are on this journey with us and they really are a pleasure to work with.

Last Wednesday we were invited to Leicester City Football Stadium to give a presentation on our mobile app for clinicians (in this case Midwives)- MIA Maternity. MIA Maternity is an intuitive and easy-to-use application that can be downloaded from the app store and used by community health care workers to minimise travelling time, improve compliance and eradicate all those handwritten paper forms and ultimately see more of those time and resources spent on patient centred care. The aim is to make for happier midwives and in turn, happier (and healthier) mums and babies.Leicester City FC

As previously mentioned Kathy herself did the majority of the presentation, expertly answering the judges questions and gladly singing the praises of MIA at Imperial. The venue was gorgeous, with great views across the countryside out of one side, and a prime pitch view box on the other.

Kathy Lanceley Imperial College NHS Trust presenting for Isosec

Our judges were Adrian Byrne the Director of IM&T at the University Hospital Southampton NHS Foundation Trust, Natalie Bateman who is the Head of Health and Social Care at Tech UK and Darren Holmes the Head of ICT at St Barnabas Lincolnshire Hospice. They were very focussed and direct with their Q&A, which we liked.

So it’s a week since then and last night we got the email that we have in fact been chosen as finalists for the award! The whole awards will come together for a lavish evening of entertainment on October 1st for a black-tie ceremony in Central London at the stunning Park Plaza Westminster Bridge Ballroom- we are really looking forward to it.

We would like to extend all the best to the other finalists: Blithe Computer Systems, Horizon Strategic Partners, Mobizio, Nervecentre Software and St Andrew’s and Contact Healthcare and we look forward to meeting you all at the awards night.

We will be sure to keep you updated and wish us luck!

EHI Awards finalist logo

Isosec enter into the EHI Awards 2015

Happy Tuesday everyone!

Today Isosec would like to share their joy with you about entering the EHI Awards 2015. For anyone unfamiliar with EHI they are run by eHealth Media as a part of Informa PLC and are there to reward excellence in healthcare information technology. If you would like to read more about the awards you can do so here: http://www.ehealthawards.com/

Isosec have put forward their application in the ‘Excellence in Mobile Healthcare’ category with our current project MIA Maternity, our clinical mobile solution for maternity departments and community nurses nationwide. We are hopeful that MIA Maternity will be recognised for all the hard work that has gone into making it as exceptional as it can be for midwives, mums, babies and the NHS.

Previous winners of the EHI awards have gone on to achieve great things for healthcare IT and we would love to be able to have people sit up and take notice of MIA Maternity in light of these prestigious awards and do the same.

The judging day for the shortlisted names is on the 15th July 2015 with the awards ceremony at the start of October so we shall be patiently (eagerly!) awaiting to hear, and of course will share our news here as soon as we can!