LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 05-12-2017, 12:49 PM   #1
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: Debian, Crux, LFS, AntiX, NuTyX
Posts: 1,276
Blog Entries: 1

Rep: Reputation: 578Reputation: 578Reputation: 578Reputation: 578Reputation: 578Reputation: 578
Ransomware attack on the NHS


A large part of the UK's National Health Service has been attacked by a ransomware virus. The effect is patchy across the country, but many hospitals have lost access to their patient records and are accepting only emergency patients. A ransom in bitcoin has been demanded.

Apparently the NHS has for years been using old, unpatched, vulnerable software, so an attack like this was very much on the cards.

We tend to think of ransomware as merely costing money. This one could cost a lot of lives.

Here's a link to the BBC story

Last edited by hazel; 05-12-2017 at 12:53 PM.
 
Old 05-12-2017, 03:24 PM   #2
cynwulf
Senior Member
 
Registered: Apr 2005
Posts: 1,967
Blog Entries: 5

Rep: Reputation: 1006Reputation: 1006Reputation: 1006Reputation: 1006Reputation: 1006Reputation: 1006Reputation: 1006Reputation: 1006
Thus far I believe it was Windows XP workstations - not all sectors/trusts are affected. Telefonica in Spain also affected and some others around the world.

Predictably the news are going for the usual - talking about "hackers", showing lots of patch cables plugged into switches and lots of "101010101010101011...", *nix system boot messages and interviewing so called "experts" ("security" company reps) who are repeating the same old thing... and of course have no agenda whatsoever...

Last edited by cynwulf; 05-12-2017 at 03:25 PM.
 
Old 05-12-2017, 03:58 PM   #3
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,457
Blog Entries: 4

Rep: Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920
How strange that medical records would be in a form that is subject to ransomware.
 
Old 05-12-2017, 05:04 PM   #4
SimonDevine
LQ Newbie
 
Registered: Oct 2016
Location: Surrey, UK
Distribution: Slack 14.2 64 using KDE 4.14 on i3 rig
Posts: 9

Rep: Reputation: 3
I hope that this will be a wake-up call to anyone in IT in the NHS to secure their systems properly. I think it's a disgrace that something like the NHS would be subject to something like this. Ransomware is just Theft and stealing from an organisation whose remit is to help people is absolutely despicable.
 
Old 05-12-2017, 05:42 PM   #5
Soadyheid
Senior Member
 
Registered: Aug 2010
Location: Near Edinburgh, Scotland
Distribution: Cinnamon Mint 17.3 and 18 at present.
Posts: 1,273

Rep: Reputation: 290Reputation: 290Reputation: 290
Quote:
How strange that medical records would be in a form that is subject to ransomware.
I think that for "medical records" you can just read "records" Does the ransomeware search out for records from some particular database to encrypt? Dunno.

Play Bonny!

 
Old 05-12-2017, 06:17 PM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,457
Blog Entries: 4

Rep: Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920Reputation: 2920
Quote:
Originally Posted by Soadyheid View Post
I think that for "medical records" you can just read "records" Does the ransomeware search out for records from some particular database to encrypt? Dunno.
I would assume that "medical records" are stored in databases, not documents. Very strange. Doubly strange that "no one noticed 'all those records' being touched!
 
Old 05-12-2017, 06:34 PM   #7
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 15,814

Rep: Reputation: 2171Reputation: 2171Reputation: 2171Reputation: 2171Reputation: 2171Reputation: 2171Reputation: 2171Reputation: 2171Reputation: 2171Reputation: 2171Reputation: 2171
Probably not specific data at all - makes more sense to attack the system. And while you're at it, go looking for other systems.
When will people learn not to open email attachments.
 
Old 05-12-2017, 06:38 PM   #8
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: Slackware
Posts: 7,521

Rep: Reputation: 2874Reputation: 2874Reputation: 2874Reputation: 2874Reputation: 2874Reputation: 2874Reputation: 2874Reputation: 2874Reputation: 2874Reputation: 2874Reputation: 2874
Good time to remember what else is still using Windows XP:

Britain's Doomsday Nuke Subs Still Run Windows XP

Also, there's a technical analyis of the malware here:

Player 3 Has Entered the Game: Say Hello to 'WannaCry'
 
Old 05-12-2017, 07:38 PM   #9
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, and whatever VMs I happen to be playing with
Posts: 12,513
Blog Entries: 16

Rep: Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212
I think this illustrates something I've long observed: One of the most powerful forces in organizational dynamics is inertia.
 
Old 05-12-2017, 07:58 PM   #10
floppywhopper
Member
 
Registered: Aug 2004
Location: Albany, Western Australia
Distribution: Mageia , SME , IP Fire, LinuxMX
Posts: 630
Blog Entries: 2

Rep: Reputation: 114Reputation: 114
@Frankbell dont forget the monumental stupidity in and of modern management
whose style seems to be more focussed on cutting costs to bolster their bonuses
 
Old 05-12-2017, 08:59 PM   #11
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware has beern Main OpSys for decades while testing others to keep up
Posts: 1,430

Rep: Reputation: 1349Reputation: 1349Reputation: 1349Reputation: 1349Reputation: 1349Reputation: 1349Reputation: 1349Reputation: 1349Reputation: 1349Reputation: 1349
Let's see.....
outdated OpSys known for deep security issues? Check.
apparent lack of Firewall level routing security? Check
vulnerability to even non-targeted attack? Check
Lack of subnet isolation and/or locked zones? Check
Negligence in security patching? Check

Conclusion - OMG! How could this have happened? SNAFU just blame hackers.
 
Old 05-12-2017, 09:13 PM   #12
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, and whatever VMs I happen to be playing with
Posts: 12,513
Blog Entries: 16

Rep: Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212Reputation: 3212
Quote:
dont forget the monumental stupidity in and of modern management
You do have a point. Security is too often an afterthought until after something happens, and sometimes not even then.
 
Old 05-13-2017, 05:08 PM   #13
Soadyheid
Senior Member
 
Registered: Aug 2010
Location: Near Edinburgh, Scotland
Distribution: Cinnamon Mint 17.3 and 18 at present.
Posts: 1,273

Rep: Reputation: 290Reputation: 290Reputation: 290
Well, looks like it's not just our NHS that's been hit. (I notice that Nissan UK and Renault France have also had problems) 99 countries and counting. Worst hit Europe and Russia! What have you got in the US?

Play Bonny!

 
Old 05-13-2017, 07:00 PM   #14
cousinlucky
Member
 
Registered: Nov 2005
Location: Staten Island N.Y.
Distribution: Antix 16 and PCLinuxOS Mate
Posts: 248

Rep: Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512
Cheap = Vulnerable!! Is any computer system 100% safe on the internet??
 
Old 05-13-2017, 07:44 PM   #15
cwizardone
Senior Member
 
Registered: Feb 2007
Distribution: Slackware64-current with "True Multilib." FreeBSD.
Posts: 3,526
Blog Entries: 1

Rep: Reputation: 894Reputation: 894Reputation: 894Reputation: 894Reputation: 894Reputation: 894Reputation: 894
Quote:
Originally Posted by Soadyheid View Post
Well, looks like it's not just our NHS that's been hit. (I notice that Nissan UK and Renault France have also had problems) 99 countries and counting. Worst hit Europe and Russia! What have you got in the US?.....
The FedEx headquarters in Memphis was hit pretty hard (or so I've been told).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Locky Ransomware Spreading in Massive Spam Attack LXer Syndicated Linux News 0 03-17-2016 06:32 PM
Hackers warn NHS over security Jeebizz Linux - News 1 06-10-2011 08:57 AM
LXer: Schools and the NHS: does Linux even get a look in? LXer Syndicated Linux News 0 07-21-2010 02:00 PM
Microsoft to keep our NHS records? sycamorex General 1 08-10-2009 07:17 PM
LXer: Novell starts work on NHS contract LXer Syndicated Linux News 0 12-19-2005 05:16 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 01:37 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration