6Jun June 6, 2017in Public Sector, Securitytagged: NHS, PBS, Public Sector, security, Unified Communications, VoiceBy now, you have probably heard of the NHS WannaCry ransomware attack that has infected thousands of computers around the world, taking down critical services such as the UK’s National Health Service and Spain’s telecom company Telefonica. In this article we review the impact on NHS telephone systems. During the initial outbreak, some NHS Trusts were advising that their telephone systems had been infected and that they were unable to take calls. The impact on telephony caused some NHS hospitals to close due to major incidents. We are not aware of any infections of the major telephone solutions on the market. Both cloud and PBX products from organisations such as Avaya, Cisco and Mitel have bespoke operating system builds that were not affected. The problem was with supporting applications such as switchboard operator consoles, voice mail systems and IVR (Interactive Voice Response) systems which were running on Windows and therefore were infected in the same way as we describe early in this article. The challenge with simply keeping these types of systems on the latest versions of operating systems, fully patched and with up to date virus detection, is that these legacy applications may not themselves operate on an updated operating system. Therefore, it may be necessary to update the entire telephone solution at considerable cost. As a result, whilst it is simple to say that all Windows machines should be patched and have up to date versions of Windows and virus detection, the reality is much harder and more expensive to implement. For NHS or other public sector clients who wish to discuss the risks and cost effective mitigation, please contact us.