Ransomware attack on the NHS
 

A large part of the UK's National Health Service has been attacked by a ransomware virus. The effect is patchy across the country, but many hospitals have lost access to their patient records and are accepting only emergency patients. A ransom in bitcoin has been demanded.

Apparently the NHS has for years been using old, unpatched, vulnerable software, so an attack like this was very much on the cards.

We tend to think of ransomware as merely costing money. This one could cost a lot of lives.

Here's a link to the BBC story

Thus far I believe it was Windows XP workstations - not all sectors/trusts are affected. Telefonica in Spain also affected and some others around the world.

Predictably the news are going for the usual - talking about "hackers", showing lots of patch cables plugged into switches and lots of "101010101010101011...", *nix system boot messages and interviewing so called "experts" ("security" company reps) who are repeating the same old thing... and of course have no agenda whatsoever...

How strange that medical records would be in a form that is subject to ransomware.

I hope that this will be a wake-up call to anyone in IT in the NHS to secure their systems properly. I think it's a disgrace that something like the NHS would be subject to something like this. Ransomware is just Theft and stealing from an organisation whose remit is to help people is absolutely despicable.

I think that for "medical records" you can just read "records" Does the ransomeware search out for records from some particular database to encrypt? Dunno.

Play Bonny!

:hattip:

I would assume that "medical records" are stored in databases, not documents. Very strange. Doubly strange that "no one noticed 'all those records' being touched!

Probably not specific data at all - makes more sense to attack the system. And while you're at it, go looking for other systems.
When will people learn not to open email attachments.

Good time to remember what else is still using Windows XP:

Britain's Doomsday Nuke Subs Still Run Windows XP

Also, there's a technical analyis of the malware here:

Player 3 Has Entered the Game: Say Hello to 'WannaCry'

I think this illustrates something I've long observed: One of the most powerful forces in organizational dynamics is inertia.

@Frankbell dont forget the monumental stupidity in and of modern management
whose style seems to be more focussed on cutting costs to bolster their bonuses

Let's see.....
outdated OpSys known for deep security issues? Check.
apparent lack of Firewall level routing security? Check
vulnerability to even non-targeted attack? Check
Lack of subnet isolation and/or locked zones? Check
Negligence in security patching? Check

Conclusion - OMG! How could this have happened? SNAFU just blame hackers.

You do have a point. Security is too often an afterthought until after something happens, and sometimes not even then.

Well, looks like it's not just our NHS that's been hit. (I notice that Nissan UK and Renault France have also had problems) 99 countries and counting. Worst hit Europe and Russia! What have you got in the US?

Play Bonny!

:hattip:

Cheap = Vulnerable!! Is any computer system 100% safe on the internet??

The FedEx headquarters in Memphis was hit pretty hard (or so I've been told).