
This study will illustrate several aspects of the economics of information security by analysing
a specific cybersecurity breach and explaining its significance for the broader
cybersecurity economy. It will discuss the specific information security
practices, or lack thereof, that led to the breach, the method through which
the breach was exploited, the economic costs of the breach for
those directly affected by it, and the measures that could have been taken
to mitigate it. Finally, the study will place this case
in the context of the broader cybersecurity economy by highlighting its significance
for the wider economic costs and practices associated with
cybersecurity. The breach chosen for analysis is the
WannaCry cyber-attack of 2017, focusing mainly on the impact it had on healthcare
(the NHS).

On Friday 12 May 2017 a ransomware attack known as
WannaCry was launched globally, affecting more than 200,000 computers in 150 countries. In the
UK, one of the biggest victims of this attack was the NHS, although it was not a
targeted attack. According to NHS England, the ransomware affected at least 81
trusts across England, which were either infected by the ransomware or turned off their
devices and systems as a precautionary measure. Additionally, 603 primary care
and 595 GP practices were also infected (Hughes 2017).
NHS England identified that 6,912 appointments and an unknown number of operations
were cancelled, and some patients in certain locations had to travel further to
accident and emergency departments (Sandle 2017).
All NHS trusts were advised not to pay the ransom, and the Department of Health,
NHS England and the National Crime Agency assured that no NHS organisation paid
it. However, the Department does not know how much the disruption to services
cost the NHS; costs include cancelled appointments, additional IT support and IT
consultants, data recovery, damaged systems and staff working overtime. On the
evening of 12 May, a cyber-security researcher activated a built-in 'kill switch',
which stopped WannaCry from locking devices but did not stop it from infecting them (Newman 2018). The US and UK governments accused
North Korea of being responsible for WannaCry. Mr Bossert, who advises the president
on homeland security, said the US findings concurred with judgements from other
governments and private companies and were based on evidence, even though
he did not produce any evidence in the article.


The WannaCry ransomware operates by encrypting data on a computer that has been
infected. The ransomware then informs the user that their files have been locked
and provides information on how much is to be paid and by when; payment is taken
in Bitcoin for anonymity. The cost of decrypting all the files on the computer was
between $300 and $600 (Security Response Team 2017).
Malwarebytes's threat intelligence team suggests that 'EternalBlue
is the original culprit of the ransomware spread'. EternalBlue, software leaked
from the NSA, exploits vulnerabilities in public-facing servers. The exploit
works by injecting code into vulnerable systems and searching for the backdoor malware
DoublePulsar, which has already been running undetected, to gain access to the system (Simon-Lewis 2018).

The main reason the NHS suffered such heavy damage
was that 42 NHS trusts used an outdated operating system (Windows
XP). Support for Windows XP ended in 2014, and the custom support for government
organisations ended in May 2015. The NHS was advised by the government to migrate away
from Windows XP by April 2015. Because this deadline was ignored, any NHS organisation
still using the outdated operating system was vulnerable to attack (Ford 2017). The NHS could have avoided the WannaCry
attack by following basic security recommendations. All NHS organisations
infected by WannaCry had unpatched or unsupported operating systems and were susceptible
to the ransomware. They could have protected themselves by patching vulnerabilities
with the latest updates, managing Internet-facing firewalls and running
supported operating systems (Comptroller and Auditor General 2017).

This security breach had a large negative impact on the NHS, which lost money,
productivity and reputation. A member of parliament revealed that the emergency
measures put in place over WannaCry cut into the agencies' internal budgets and
cost NHS Digital and NHS England £180,000 (Stevens 2017).
NHS trusts did not reveal the direct financial implications of the cyber-attack,
but a source at one of the trusts has indicated it will exceed £1 million (Khalil 2018). The cyber risk modelling firm Cyence
estimated the potential costs from the hack at $4 billion globally. This
includes loss of productivity, the cost of restoring data and the cost of
investigation (Berr 2017). The attack also affected patients,
as infected NHS organisations could not access important electronic information,
including patient records. The review by NHS England identified at least 139
patients who had an urgent referral for potential cancer cancelled. NHS organisations
did not report any cases of harm to patients or of data being stolen or compromised,
but the availability of the data was affected by the attack. Analysis of
the WannaCry ransomware suggested the attack was not aimed at accessing or
stealing patient data, although it is unclear if this is the case (Comptroller and Auditor General 2017).

If GDPR had been in effect at the time of this attack, the
NHS could have had to pay a fine of at least €20 million or 4% of annual
turnover, whichever is greater. Under the regulation, organisations must adopt
appropriate policies, processes and procedures to protect the personal data
they hold and ensure compliance. Even though the main purpose of the
ransomware was not to steal any data, we cannot confirm that no data was stolen
so NHS would mostly like would