NHS hit by massive ransomware attack

Forum Moderators: IanTurner & engine

Message Too Old, No Replies

NHS hit by massive ransomware attack

Hospitals reported as taking life threatening emergencies only

IanTurner

1:38 pm on May 13, 2017 (gmt 0)

Worm carried ransomware has hit many NHS trusts, with some hospitals having most PCs infected. The ransomware encrypts files and the deletes originals.

Many hospitals have been forced into using pen and paper for prescriptions and other paperwork.

It is using an exploit that was released recently following The NSA security breach in the US. The breached was apparently patched by Microsoft in all systems post Windows XP - it exists in XP but MS no longer patching that system (and it appears that some NHS machines are still using XP)

The issue has hit other organisations worldwide including Deutsche Bahn in Germany, Telefonica in Spain and the Russian Interior Ministry.

BeeDeeDubbleU

1:54 pm on May 13, 2017 (gmt 0)

The anonymity offered by the Internet shows some elements of mankind up for what they are. Time for change.

graeme_p

2:17 pm on May 13, 2017 (gmt 0)

It is not anonymity that is the problem, it is incompetence. Why are people still running critical systems on XP? WHy are critical system open to the internet?

MS has now released patches for XP and Server 2003.

The register story has quite a lot of details

[theregister.co.uk ]

IanTurner

3:18 pm on May 13, 2017 (gmt 0)

Well done to Microsoft for getting those patched out.

keyplyr

6:42 pm on May 13, 2017 (gmt 0)

One more reason for universal Windows10

BeeDeeDubbleU

7:59 pm on May 13, 2017 (gmt 0)

"It is not anonymity that is the problem, it is incompetence"

Incompetence does not deserve to be punished by criminal who are happy to threaten lives worldwide. The people who do this are the lowest of the low. They must be stopped by whatever means is necessary because it is not going to go away until a major catastrophe occurs.

keyplyr

8:20 pm on May 13, 2017 (gmt 0)

Take away the incentive. If perps don't get paid, they won't do it.

Those who use online resources need to take the responsibility to insure that resource is secure.

piatkow

8:38 am on May 14, 2017 (gmt 0)

Online - secure, an oxymoron surely?

graeme_p

10:33 am on May 14, 2017 (gmt 0)

@BeeDeeDubbleU, I did not say incompetence justifies the theft. To give you an analogy, if a bank left their doors open and the vault unlocked it would still be a crime to rob the bank - but the people who failed to lock up a bank are clearly not fit to do their jobs.

Peter_S

10:57 am on May 14, 2017 (gmt 0)

From what I understood, hackers exploited a security hole in Windows, but Microsoft patched it last March. So I wonder how it's possible that all these companies and hospitals which have been impacted, didn't have their computer updated.

keyplyr

11:30 am on May 14, 2017 (gmt 0)

@Peter_S - because they were using old Windows OS that have gone out of support as graeme_p said above.

ipco

1:51 pm on May 14, 2017 (gmt 0)

The NHS has suffered poor funding as long as I can remember and this is the outcome.

It�s a pity computers using proprietary software that needs to run on older platforms are not more securely isolated.

The fault is twofold; technician complacency/incompetence for not demanding isolation of older technology and financial tightfistedness for not funding the update of necessary software and hardware. Perhaps now they will think long (but not too long) and hard about security.

piatkow

2:37 pm on May 14, 2017 (gmt 0)

Trouble is that the users may need old and new on one screen.

In my last 5 years or so in salaried employment we had definitely got to the stage where companies thought that the "IT tail" was no longer wagging the "business dog". Trouble is that that means that when there is a choice between spending on testing a security patch and spending on something directly business facing then the latter wins every time.

Personally I always had a sneaking feeling that moving away from in house developed mainframe systems would eventually prove to have a serious down side.

ipco

3:00 pm on May 14, 2017 (gmt 0)

@piatkow I absolutely agree but "when there is a choice between spending" that's a management level decision for fund allocation and that's sometimes hard when you don't have a lot to play with. imho government should be providing more - maybe now they will.

BeeDeeDubbleU

9:01 am on May 16, 2017 (gmt 0)

An article from the Guardian two years ago.

[theguardian.com...]

IanTurner

9:35 am on May 16, 2017 (gmt 0)

Interestingly this attack seems to be hitting large organisations rather than small businesses and individuals.

Has anyone heard of smaller, less than 20 people, organisations being hit?

tangor

10:50 am on May 16, 2017 (gmt 0)

All are susceptible, but you (if a crook) go where the real money is.

Though the first roll out was stopped at $50k in losses by a $10 fix (kill switch domain name), a second version has already hit the web. MS has, meanwhile, sent patches and provided access to same at their site, for the older systems that are at risk. Whether tom, dick and harry have seen the PATCH NOW memo in the news remains to be seen.

But, the older systems do remain in play for this particular hack on web facing networks.

ipco

11:23 am on May 16, 2017 (gmt 0)

Possibly large organizations are more susceptible because larger orgs = older orgs = more legacy hardware.

piatkow

8:37 am on May 17, 2017 (gmt 0)

Has anyone heard of smaller, less than 20 people, organisations being hit?

Less complex IT, most probably let updates run automatically most of the time and hope that nothing breaks..