May 12th, 2017 is a day burned into the memories of IT and security teams nationwide. For those lucky enough to not be impacted, it was the first large-scale ransomware attack – titled WannaCry – which encrypted the data on Windows devices that hadn’t updated to a recent Microsoft patch. That data was held for ransom by bad actors who exploited the unpatched software, which had a major impact on more than a third of NHS Trusts and subsequently thousands of patients across the country.

Now you might be thinking it’s 2025 – how is WannaCry still relevant eight years later? Well, although Windows patching has improved beyond what it was in 2017, the fundamental flaws that were culpable in 2017 are still seen today. Traditional connectivity practices are still being used in hospitals and continue to leave our health system open to vulnerabilities due to implicitly trusted network access. Third parties and other organizations continue to connect to internal networks via VPNs or firewalls that have consistently proved to be plagued with basic vulnerabilities and zero-day threat software gaps. All of this subpar infrastructure takes time from already overstretched IT teams within the public sector and, more specifically, our health system. We can’t keep trying to mitigate the flaws in legacy architecture by patching up the holes – there has to be a better way!

Four steps to robbing a bank

Before we can identify the solution, we need to identify the root of the problem by understanding how a breach can happen. To put it into non-technical terms, an IT security breach is much like robbing a bank. The first step is to identify all the possible bank branches to hit. Perhaps there are 50 or 500 bank branches out there, so the next step is to narrow this down to a branch that can be broken into without getting caught. Perhaps it is in a secluded area, or the surveillance cameras are not working. The third step, once you’re in, is to move laterally – find a cash safe, and make your escape. Four simple steps.

This is the same four-step approach to conducting a cyber attack. First, they find your attack surface. What’s your attack surface in the cyber world? Well, it’s every public IP, which may be a firewall, a VPN, or an application portal. And today, AI is helping bad guys to identify the attack surface very, very quickly. Secondly, they want to compromise you. They do this by essentially finding a vulnerable user or vulnerable applications. And today, you can actually generate phishing campaigns using AI or Machine Learning, or you can even create a webpage to really bring them in. So, either users fall for it through social engineering, or they exploit a vulnerable application. Once infected, the malware moves laterally through the wider network. It finds high-value assets, then encrypts them and asks for ransom. Number four, they don’t stop there, they steal your data. And stolen data is often sent to the Internet.

Build a zero trust strategy

Now that you understand the principle of a cyber breach, you need to learn how to mitigate these four steps. This is where a zero trust architecture is the ideal counter-measure. Zero trust isn’t about plugging the gap by creating a new form of firewall or VPN. Its key focus is to make sure the bad guys can be stopped at each of the four steps. For instance, Zscaler’s platform is far more effective than traditional firewall-based architecture. Generally, when new technologies like cloud arrive, IT vendors try to take existing network security technologies and adapt them to the cloud. Zscaler Zero Trust is fundamentally different. It never puts users or third parties on the network, and it only uses inside-out connections, always verifying identity, policy and risk before allowing access.

Meet us at NHS Cyber Security Conference

Reliance on outdated legacy systems is increasingly untenable in today’s digital age. To avoid another WannaCry incident, NHS Trusts must update their security architecture to a Zero Trust approach to prevent lateral movement and decrease the attack surface of traditional technology stacks. To learn more about how NHS networks are being continuously exposed to threats, please join us on 5th of March 2025 at 12:55 for Zscaler’s session on “Why Legacy Architecture is No Longer Fit for Purpose in a Modern Digital NHS”. Using lessons from real-world examples of ransomware attacks, we will highlight the limits of patching, and why VPNs and their daily CVEs continue to expose NHS networks to threats. Additionally, we’ll examine the dangers of lateral movement between interconnected NHS trusts and why this sharing of data might increase vulnerability. Attendees will leave with actionable insights on modernizing IT infrastructure to reduce these risks and better secure the future of digital healthcare using zero trust principles. We look forward to seeing you there.
