Security experts will tell you that one of the best ways to protect yourself from a malware infection or security breach is to keep your software up-to-date. Running outdated versions that cybercriminals can compromise is simply a bad idea. So, why would anyone put off installing a Windows update that Microsoft considered critical, like the one that fixed a vulnerability exploited by the WannaCry ransomware?
Sometimes it’s because system administrators fear that some part of the update process could go awry and lead to service interruptions. Even when things do go as planned, there can still be unwanted complications. That’s the reality five Australian hospitals are dealing with this week.
In the wake of the WannaCry outbreak, Queensland Health moved quickly to ensure that the proper protections were put in place. In addition to Windows, Citrix and clinical workflow software from Cerner was also patched. While the updates “protected the integrity of [hospital] systems and data,” they have also made it difficult for some staff to access medical record systems.
Just two months passed from Wikileaks’ revelation of the EternalBlue exploit to when WannaCry began spreading. That isn’t a lot of time to test and update every piece of computer equipment that needs to be patched, especially in an incredibly complex environment like a hospital. There’s far more to worry about than just desktop computers or laptops. Windows computers are also embedded into medical imaging and diagnostic equipment, and some were vulnerable to the attack.
When fixes need to be applied in a hurry, there’s always a chance that there will be side effects. Still, patching against WannaCry and any future copycat malware was important enough for Queensland Health to take the risk.
In the past, this could’ve been a tough sell. In 2017, however, the “if it ain’t broke, don’t fix it” mentality can’t be applied to computer systems. Advice from the United States Computer Emergency Readiness Team (US-CERT) is very clear: “Vulnerable applications and operating systems are the target of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker.”
Yes, Queensland Health is coping with some issues accessing their systems. Trouble logging in or accessing records is, however, a huge step up from having an entire network ransomed, servers full of critical data lost, and surgical procedures interrupted.