Massive Attack Lays down British NHS 11 replies

  • 1
  • 2

Please wait...

Serio VIP Member

The Dane

149,846 XP

11th November 2006

3 Uploads

12,506 Posts

37 Threads

#1 1 year ago

This is mental. A number of our British users may already known this, but the NHS has been handicapped by a ransomware attack. Systems and clinics in the entire country are affected, with some unable or unwilling to access vital records on their patients such as radiography, blood work, appointments, and much more. Essentially, the healthcare system's infrastructure has been knocked back to the middle ages by this attack.

There's no word on who is behind the attack, but unverified reports indicate it could be using technology and software associated with the Shadow Brokers. Whether it's an intentional attack(in which case it could be construed as an act of terrorism) or an entirely accidental infection remains to be seen.

Regardless, with the lives of hundreds of patients at risk, there's no doubt the UK government will divert £350 million GBP to strengthen security and the NHS... Right?

https://arstechnica.com/information-technology/2017/05/nhs-ransomware-cyber-attack/




Serio VIP Member

The Dane

149,846 XP

11th November 2006

3 Uploads

12,506 Posts

37 Threads

#2 1 year ago

Bit of an update. According to Danish TV2, citing Kaspersky, this is by no means restricted to Britain. As a matter of fact, the #WannaCry attack has affected more than 70 countries in the past 48 hours. 




MoreGun89

53 XP

28th July 2004

0 Uploads

2,426 Posts

0 Threads

#3 1 year ago

Just saw the notification for this.  Good timing for the attackers based on the exploit remediation in the March update for Windows.  This is part of why the health industry as a whole should require stricter compliance standards rather than incredibly vague laws.  

There are checks and balances to be had with older system functionality used in most healthcare facilities and that's understandable.  But goodness, small merchants are required to have more stringent controls than large hospitals!


Mother Banhammer



Nemmerle Forum Mod

Voice of joy and sunshine

298,337 XP

26th May 2003

0 Uploads

28,145 Posts

5 Threads

#4 1 year ago

Hospitals shouldn't be on the internet to begin with. ¬_¬ It's not particularly hard to have an isolated network, nor is it that expensive. If you want to run wires, yes - expensive - but for something the size of the NHS... basically insane not to point some, relatively cheap, microwave dishes across the country.

Hey, let's wire this up to a public network. We're not going to die so fuck everyone else.




Serio VIP Member

The Dane

149,846 XP

11th November 2006

3 Uploads

12,506 Posts

37 Threads

#5 1 year ago

Incredibly after more than 40,000 infections around the world, a killswitch was located by a security researcher in the UK. It won't save existing infections, but it has created a temporary immunity against new ones.

The researcher found a domain name (unregistered, at that) that WannaCry checks in with before activating, and he has used it to create a sinkhole. This will only work until the perpetrator(s) alter the code, but it does give regions such as the United States time to upgrade their systems.

It should be noted WannaCry only infects Windows XP and unpatched post-XP machines. Anyone that keeps their Windows Vista, 7, 8, or 10 machines up to date are safe.




MoreGun89

53 XP

28th July 2004

0 Uploads

2,426 Posts

0 Threads

#6 1 year ago

On that note Microsoft also released a patch for EOL OS's still under custom support contracts (XP, Server 2003) for wide distribution, hopefully that should assist in preventing further infection.

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/


Mother Banhammer



Serio VIP Member

The Dane

149,846 XP

11th November 2006

3 Uploads

12,506 Posts

37 Threads

#7 1 year ago

Well, that didn't take long. A new version of WCRY has been launched and has resumed infection. There's a bright side, however - Microsoft has, against all odds and expectations, issued an emergency hotfix for Windows XP machines.




Mr. Matt VIP Member

#BanRadioActiveLobster

356,239 XP

17th June 2002

7 Uploads

33,641 Posts

779 Threads

#8 1 year ago

"Nemmerle"Hospitals shouldn't be on the internet to begin with. ¬_¬ It's not particularly hard to have an isolated network, nor is it that expensive. If you want to run wires, yes - expensive - but for something the size of the NHS... basically insane not to point some, relatively cheap, microwave dishes across the country.

Hey, let's wire this up to a public network. We're not going to die so fuck everyone else.

Unfortunately, they have no choice. Not if they want to communicate with other hospitals. Which may happen, should you be holidaying in Cornwall and fall off a cliff. And given the fuck-off-enormous debts that nearly every Trust has right now... they would be faced with colossal political pressures if they wanted to built a nationwide network that was separate from the Internet. Damned if they do, damned if they don't.

Frankly, I'm surprised this is the first time this has happened. A couple of years ago I was working with the Midlands and Lancashire CSU, who are responsible for much of the IT in... well, you can guess the localities from the name... while they were trying to develop a database to support 'customer feedback', and the competence of their staff was suspect even then. While I'm sure that the people in those meetings weren't the top brass, it is somewhat concerning that I, a non-developer, had to explain the security risks of storing patient information online and then linking it to their medical records. Particularly as they thought that a monthly password change would be all of the security they needed (this is like changing your house number to deter burglars).

You get what you pay for though.




Admiral Donutz VIP Member

Wanna go Double Dutch?

735,271 XP

9th December 2003

0 Uploads

71,460 Posts

0 Threads

#9 1 year ago

Lot's of governments such as many muncipals in the Netherlands still use windows XP on a lot of their machines. Wouldn't be surprised of that extends to computers found in hospitals etc. aswell.... And patches, well some take months to apply the 'latest' patch it seems but that also happens to big, clumpsy companies with horrible IT.

"Serio"Well, that didn't take long. A new version of WCRY has been launched and has resumed infection. There's a bright side, however - Microsoft has, against all odds and expectations, issued an emergency hotfix for Windows XP machines.



MoreGun89

53 XP

28th July 2004

0 Uploads

2,426 Posts

0 Threads

#10 1 year ago

With having to pay for new hardware, software, data backup, I have two words for what the hospital networks (and I mean all of them, integrated), should be:  Sovereign Cloud.

this would alleviate the costs of hardware while pushing a majority of the security work off to less overworked staff.  I'd like to believe that some people being incompetent was not the cause of this (looking at you execs not approving expenses), but while a large initial expense, seems like it would be the happiest medium.


Mother Banhammer



  • 1
  • 2