>> After the Wanna Cry cyber attack that infected computers at factories, schools, and businesses all over the globe, even hospitals in Britain's National Health Service, one might think that the cyber security company responsible for keeping those hospitals safe from hackers would take a hit to its business. But as Reuters cybersecurity correspondent, Joseph Men reports, the opposite happened.
>> This is one of the few industries I can think of where bad news is good news. The poster child for the chaos and the destruction was in England where National Health Service affiliated hospitals were forced, some of them, to turn away ambulances and reschedule surgery because they couldn't get access to patient data.
Now it so happened that one British security company, Sophos had bragged on its website that it did a great deal of business protecting hospitals, in fact that it protected 60% of NHS affiliates. These hospitals got shut down, including some that were Sophos customers, so you would think that Sophos stock would take a hit.
But no, Sophos stock actually went up 7% because they happen to also offer a ransomware line, a line of products that specifically protects against ransomware.>> Sophos wasn't the only company whose stock jumped. Shares of US based FireEye and Qualys both popped more than 5% on the Monday following the attack.
And Men says there's good reason for that.>> Sophos says that all the hospitals that had happened to buy the ransomware product, in addition to some other products were fine. Which is one of the reasons that its stock went up. But it does illustrate the complexity and the problems with shared responsibility.
The hospitals that were most disrupted by this attack probably had one or more things wrong in their configuration. First of all, they hadn't applied patches that were available to them and that's the fault of the IT department. Secondly, some of them might have been running Windows XP machines which are officially out of support.
Microsoft doesn't issue patches for them unless you pay extra and these hospitals had decided not to pay the extra.>> Businesses may now want to spring for extra protection. One cybersecurity industry veteran telling Reuters that in the case of hospitals, they may even wanna consider hiring solid cybersecurity or IT people, instead of another nurse or two.