Could peer-to-peer technology be the key to stopping the next WannaCry?
Could peer-to-peer technology be the key to stopping the next WannaCry?
WannaCry ransomware requires no introduction. Spreading across the globe in May 2017, the destructive cryptoworm has been widely recognised as one of the year's most high profile – and possibly most damaging – cyber-attacks.

Among those hit by WannaCry were public services and leading providers of infrastructure from across the globe. This included Telefonica, FedEx, Deutsche Bahn and – most famously – large areas of the National Health Service.

As with so many cyber-attacks, WannaCry wasn't successful because it was a particularly complex or even smart piece of ransomware. In reality, it was only successful because it took advantage of the outdated infrastructure that surrounded its victims' IT systems. As the National Audit Office's investigation into the NHS concluded, WannaCry was an avoidable situation, with relatively simple updates and IT fixes being required to stop its spread.

Many newspapers have attacked the NHS for this fact but, in reality, when an organisation such as the National Health Service is given the choice between spending billions on updating its IT infrastructure or investing in more potentially lifesaving medical equipment, it will almost always prioritise the lifesaving tech.

But while it makes sense for the NHS to treat IT as secondary to saving lives, something must change if the health service is to avoid such attacks happening in future. So just why is it that organisations such as the NHS are finding it so costly to keep their systems up-to-date?

Disconnected IT
While updating a home computer may seem like a relatively simple task; organisations running hundreds of thousands of devices across multiple regions proves a much more complex challenge. This becomes even more complicated within the context of the NHS, where many devices do not provide a traditional user-interface and where systems regularly share and store highly sensitive patient information.

While there are those who blame public sector processes for this struggle, the reality is that large-scale private-sector companies have just as much difficulty keeping all of their IT endpoints up-to-date – as the WannaCry attack proved.

As just one example, consider the John Lewis Partnership. Faced with over 26,000 devices throughout Waitrose and John Lewis stores, it took the company the best part of four years just to upgrade from Windows XP to Windows 7. Compared to the NHS – which is estimated to operate around 1.5 million devices – this multi-million pound process seems positively simple.

Given this mammoth challenge, the NHS cannot be expected to upgrade or secure its systems in the same way that traditional businesses would. What is needed is a new way to ensure vital security updates are installed. This solution must also be:
⦁ Low cost to run
⦁ Not require existing infrastructure be ripped out or replaced
⦁ Provide updates to millions of users at speed and without limiting the wider network.

Such a solution may sound hard to find, but it could in fact come from a technology that many firms are already using for an entirely unrelated purpose…

A new application for an old technology
Peer-to-peer (P2P) sharing technology has existed in one form or another since the mid 1990s. In recent years this technology has grown increasingly sophisticated, with many businesses now using P2P tech to speed up file distributions on large networks.

One of the most common applications within a business context has been the use of Software-Defined Enterprise Content Delivery Networks (SD ECDNs). These virtual networks allow businesses to share large files at high speeds, regardless of whether they are still relying on legacy network infrastructures. By distributing an update to multiple machines (or peers) and then allowing those machines to share the updates among themselves, SD ECDNs exponentially decrease the bandwidth load on an organisation's network. The greater the number of peers across a complex distributed enterprise, the more efficient content delivery becomes compared to legacy hardware-based WAN optimisation solutions.

Software update delivery over a traditional network vs a peer-to-peer delivery

In the past, SD ECDN providers such as Kollective have used their platforms to distribute HD video streams simultaneously to employees all across the globe – with tools such as Skype Meeting Broadcast partnering with them to ensure buffer-free livestreams.

Now however, many businesses are starting to realise that they can use the exact same video streaming technology to distribute files - including vital security and software updates. 

Since the WannaCry attack, several divisions of the NHS have been working closely with Kollective to implement this technology as a way to keep the health service updated and free from potential security vulnerabilities at almost real-time speeds. By adopting this peer-to-peer technology across the board, the NHS could be in a position to block future cyber-attacks before they have a chance to happen. At the same time, this near constant, mass roll-out of updates will also help to future-proof the health service in advance of its upcoming migration to Windows 10.

Stephen Dunkley, SCCM Engineer at Kollective Technology
Stephen Dunkley, SCCM Engineer at Kollective Technology

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media