LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 05-12-2017, 12:49 PM   #1
hazel
LQ Guru
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 5,337
Blog Entries: 15

Rep: Reputation: 3124Reputation: 3124Reputation: 3124Reputation: 3124Reputation: 3124Reputation: 3124Reputation: 3124Reputation: 3124Reputation: 3124Reputation: 3124Reputation: 3124
Ransomware attack on the NHS


A large part of the UK's National Health Service has been attacked by a ransomware virus. The effect is patchy across the country, but many hospitals have lost access to their patient records and are accepting only emergency patients. A ransom in bitcoin has been demanded.

Apparently the NHS has for years been using old, unpatched, vulnerable software, so an attack like this was very much on the cards.

We tend to think of ransomware as merely costing money. This one could cost a lot of lives.

Here's a link to the BBC story

Last edited by hazel; 05-12-2017 at 12:53 PM.
 
Old 05-12-2017, 03:24 PM   #2
cynwulf
Senior Member
 
Registered: Apr 2005
Location: Walsall, UK
Posts: 2,598
Blog Entries: 7

Rep: Reputation: 2078Reputation: 2078Reputation: 2078Reputation: 2078Reputation: 2078Reputation: 2078Reputation: 2078Reputation: 2078Reputation: 2078Reputation: 2078Reputation: 2078
Thus far I believe it was Windows XP workstations - not all sectors/trusts are affected. Telefonica in Spain also affected and some others around the world.

Predictably the news are going for the usual - talking about "hackers", showing lots of patch cables plugged into switches and lots of "101010101010101011...", *nix system boot messages and interviewing so called "experts" ("security" company reps) who are repeating the same old thing... and of course have no agenda whatsoever...

Last edited by cynwulf; 05-12-2017 at 03:25 PM.
 
Old 05-12-2017, 03:58 PM   #3
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187
How strange that medical records would be in a form that is subject to ransomware.
 
Old 05-12-2017, 05:04 PM   #4
SimonDevine
Member
 
Registered: Oct 2016
Location: Surrey, UK
Distribution: Slack 14.2 64 using KDE 4.14 on Acer Aspire M3900 i3 4GB RAM with Dell E1913 monitor 1280x1024@75Hz
Posts: 84

Rep: Reputation: 63
I hope that this will be a wake-up call to anyone in IT in the NHS to secure their systems properly. I think it's a disgrace that something like the NHS would be subject to something like this. Ransomware is just Theft and stealing from an organisation whose remit is to help people is absolutely despicable.
 
Old 05-12-2017, 05:42 PM   #5
Soadyheid
Senior Member
 
Registered: Aug 2010
Location: Near Edinburgh, Scotland
Distribution: Cinnamon Mint 19.2 (Netbook) and 18.3 (Desktop)
Posts: 1,541

Rep: Reputation: 431Reputation: 431Reputation: 431Reputation: 431Reputation: 431
Quote:
How strange that medical records would be in a form that is subject to ransomware.
I think that for "medical records" you can just read "records" Does the ransomeware search out for records from some particular database to encrypt? Dunno.

Play Bonny!

 
Old 05-12-2017, 06:17 PM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187Reputation: 3187
Quote:
Originally Posted by Soadyheid View Post
I think that for "medical records" you can just read "records" Does the ransomeware search out for records from some particular database to encrypt? Dunno.
I would assume that "medical records" are stored in databases, not documents. Very strange. Doubly strange that "no one noticed 'all those records' being touched!
 
Old 05-12-2017, 06:34 PM   #7
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 19,587

Rep: Reputation: 3507Reputation: 3507Reputation: 3507Reputation: 3507Reputation: 3507Reputation: 3507Reputation: 3507Reputation: 3507Reputation: 3507Reputation: 3507Reputation: 3507
Probably not specific data at all - makes more sense to attack the system. And while you're at it, go looking for other systems.
When will people learn not to open email attachments.
 
Old 05-12-2017, 06:38 PM   #8
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 9,985

Rep: Reputation: 4569Reputation: 4569Reputation: 4569Reputation: 4569Reputation: 4569Reputation: 4569Reputation: 4569Reputation: 4569Reputation: 4569Reputation: 4569Reputation: 4569
Good time to remember what else is still using Windows XP:

Britain's Doomsday Nuke Subs Still Run Windows XP

Also, there's a technical analyis of the malware here:

Player 3 Has Entered the Game: Say Hello to 'WannaCry'
 
Old 05-12-2017, 07:38 PM   #9
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 17,239
Blog Entries: 27

Rep: Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334
I think this illustrates something I've long observed: One of the most powerful forces in organizational dynamics is inertia.
 
Old 05-12-2017, 07:58 PM   #10
floppywhopper
Member
 
Registered: Aug 2004
Location: Western Australia
Distribution: Mageia , Centos
Posts: 640
Blog Entries: 2

Rep: Reputation: 134Reputation: 134
@Frankbell dont forget the monumental stupidity in and of modern management
whose style seems to be more focussed on cutting costs to bolster their bonuses
 
Old 05-12-2017, 08:59 PM   #11
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware = Main OpSys
Posts: 3,531

Rep: Reputation: 3424Reputation: 3424Reputation: 3424Reputation: 3424Reputation: 3424Reputation: 3424Reputation: 3424Reputation: 3424Reputation: 3424Reputation: 3424Reputation: 3424
Let's see.....
outdated OpSys known for deep security issues? Check.
apparent lack of Firewall level routing security? Check
vulnerability to even non-targeted attack? Check
Lack of subnet isolation and/or locked zones? Check
Negligence in security patching? Check

Conclusion - OMG! How could this have happened? SNAFU just blame hackers.
 
Old 05-12-2017, 09:13 PM   #12
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 17,239
Blog Entries: 27

Rep: Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334Reputation: 5334
Quote:
dont forget the monumental stupidity in and of modern management
You do have a point. Security is too often an afterthought until after something happens, and sometimes not even then.
 
Old 05-13-2017, 05:08 PM   #13
Soadyheid
Senior Member
 
Registered: Aug 2010
Location: Near Edinburgh, Scotland
Distribution: Cinnamon Mint 19.2 (Netbook) and 18.3 (Desktop)
Posts: 1,541

Rep: Reputation: 431Reputation: 431Reputation: 431Reputation: 431Reputation: 431
Well, looks like it's not just our NHS that's been hit. (I notice that Nissan UK and Renault France have also had problems) 99 countries and counting. Worst hit Europe and Russia! What have you got in the US?

Play Bonny!

 
Old 05-13-2017, 07:00 PM   #14
cousinlucky
Member
 
Registered: Nov 2005
Location: Staten Island N.Y.
Distribution: Antix 16 and PCLinuxOS Mate
Posts: 303

Rep: Reputation: 515Reputation: 515Reputation: 515Reputation: 515Reputation: 515Reputation: 515
Cheap = Vulnerable!! Is any computer system 100% safe on the internet??
 
Old 05-13-2017, 07:44 PM   #15
cwizardone
LQ Veteran
 
Registered: Feb 2007
Distribution: Slackware64-current with "True Multilib."
Posts: 6,488
Blog Entries: 1

Rep: Reputation: 3833Reputation: 3833Reputation: 3833Reputation: 3833Reputation: 3833Reputation: 3833Reputation: 3833Reputation: 3833Reputation: 3833Reputation: 3833Reputation: 3833
Quote:
Originally Posted by Soadyheid View Post
Well, looks like it's not just our NHS that's been hit. (I notice that Nissan UK and Renault France have also had problems) 99 countries and counting. Worst hit Europe and Russia! What have you got in the US?.....
The FedEx headquarters in Memphis was hit pretty hard (or so I've been told).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Locky Ransomware Spreading in Massive Spam Attack LXer Syndicated Linux News 0 03-17-2016 06:32 PM
Hackers warn NHS over security Jeebizz Linux - News 1 06-10-2011 08:57 AM
LXer: Schools and the NHS: does Linux even get a look in? LXer Syndicated Linux News 0 07-21-2010 02:00 PM
Microsoft to keep our NHS records? sycamorex General 1 08-10-2009 07:17 PM
LXer: Novell starts work on NHS contract LXer Syndicated Linux News 0 12-19-2005 05:16 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 12:19 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration