LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-07-2017, 11:18 AM   #1
RandomTroll
Senior Member
 
Registered: Mar 2010
Distribution: Slackware
Posts: 1,286

Rep: Reputation: 218Reputation: 218Reputation: 218
'Cyberattack on Britain's National Health Service - A Wake-up Call for Modern Medicine'


N Engl J Med 2017; 377:409-411 August 3, 2017 DOI: 10.1056/NEJMp1706754
http://www.nejm.org/doi/full/10.1056/NEJMp1706754

Quote:
Less fortunate were NHS general practices, many of which are
now fully electronic. With no backup paper systems for registering
patients on arrival, recording consultations, or prescribing
medications, they were forced to close their doors, turning their
patients away.
Quote:
"At my hospital we are literally unable to do any x-rays,
which are an essential component of emergency medicine."
Quote:
At one of the capital's biggest hospitals, the automated refrigerators used for dispensing blood products were shut down,
Quote:
the biggest surprise of the malware attack was not that it
happened but why it had taken so long. It is an irony lost on no NHS
doctor that though we can transplant faces, build bionic limbs, even
operate on fetuses still in the womb, a working, functional NHS
computer can seem rarer and more precious than gold dust.
The lesson of this article is how behind-hand the medical community is
to digital security. I don't pick on the British: American hospitals
have been successfully attacked too. I attribute it partly to
providing care crowding out everything else that can be put off and
partly to the conceit of the medical community about their superiority
to 'lesser' concerns, as seen in the treatment of Semmelweis.
 
Old 08-07-2017, 04:32 PM   #2
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Yawnstown, Ohio
Distribution: Mojave
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
This article is available to subscribers.
 
Old 08-08-2017, 03:43 AM   #3
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,513

Rep: Reputation: 1004Reputation: 1004Reputation: 1004Reputation: 1004Reputation: 1004Reputation: 1004Reputation: 1004Reputation: 1004
It usually takes an attack to motivate anyone to action. If you can't see it, and it doesn't affect you, you're not going to care. Ideally we learn from the mistakes of others. But there is a tendency toward the belief that it won't happen to "me".
 
Old 08-08-2017, 06:52 AM   #4
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 4,171
Blog Entries: 3

Rep: Reputation: 2063Reputation: 2063Reputation: 2063Reputation: 2063Reputation: 2063Reputation: 2063Reputation: 2063Reputation: 2063Reputation: 2063Reputation: 2063Reputation: 2063
Quote:
Originally Posted by AwesomeMachine View Post
But there is a tendency toward the belief that it won't happen to "me".
That's some of it. There is also a large component of ideology and willful blindness to facts, even if it means taking a loss. People have known for 20+ years that M$ products are not fit for purpose, and especially unsuited to networked enviroments. These latest events only rub their noses in it one more time again:

http://www.networkworld.com/article/...you-fired.html

Yet they've persisted and over time have replaced their IT staff with M$ resellers. It's causing them to not just lose money but to also lose patients.
Given the seriousness of the situation those that ordered the rollout of M$ inside the hospitals need to be facing manslaughter charges.
 
Old 08-08-2017, 10:45 AM   #5
RandomTroll
Senior Member
 
Registered: Mar 2010
Distribution: Slackware
Posts: 1,286

Original Poster
Rep: Reputation: 218Reputation: 218Reputation: 218
Quote:
Originally Posted by Habitual View Post
This article is available to subscribers.
Sorry! I connect at the university, whose users inherit its subscriptions. I quoted choice parts that give the important points I wanted to pass along; anyone can read the abstract. The details aren't that important: the important message is that the UK's NHS can be so careless.
 
Old 08-08-2017, 11:12 AM   #6
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 3,390
Blog Entries: 9

Rep: Reputation: 1894Reputation: 1894Reputation: 1894Reputation: 1894Reputation: 1894Reputation: 1894Reputation: 1894Reputation: 1894Reputation: 1894Reputation: 1894Reputation: 1894
It's not only the NHS! Do you remember the TalkTalk scandal? Someone cracked their customer database and made off with all kinds of personal info, and the company spokesperson couldn't even say whether the data had been encrypted or not. And that's supposed to be a tech firm! If they don't know zilch about the tech they're using, what do you expect of medical staff?
 
Old 08-08-2017, 12:47 PM   #7
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,367

Rep: Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258
Being "behind hand" is not the problem.
The situation is more complicated and depressing but pkease don't believe the media about either the impact or the number of XP machines.
 
Old 08-09-2017, 11:39 AM   #8
RandomTroll
Senior Member
 
Registered: Mar 2010
Distribution: Slackware
Posts: 1,286

Original Poster
Rep: Reputation: 218Reputation: 218Reputation: 218
Quote:
Originally Posted by hazel View Post
It's not only the NHS! Do you remember the TalkTalk scandal? Someone cracked their customer database and made off with all kinds of personal info, and the company spokesperson couldn't even say whether the data had been encrypted or not. And that's supposed to be a tech firm! If they don't know zilch about the tech they're using, what do you expect of medical staff?
I expect the NHS to hire competent professionals. They hire professional accountants, architects, engineers, scientists... They're not 'TalkTalk'.
 
Old 08-09-2017, 11:40 AM   #9
RandomTroll
Senior Member
 
Registered: Mar 2010
Distribution: Slackware
Posts: 1,286

Original Poster
Rep: Reputation: 218Reputation: 218Reputation: 218
Quote:
Originally Posted by 273 View Post
Being "behind hand" is not the problem.
The situation is more complicated and depressing but pkease don't believe the media about either the impact or the number of XP machines.
I only know what I read in the medical journals (which includes 'The Lancet'). If you know more I'd be glad to read about it.
 
Old 08-09-2017, 11:56 AM   #10
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,367

Rep: Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258Reputation: 2258
Quote:
Originally Posted by RandomTroll View Post
I only know what I read in the medical journals (which includes 'The Lancet'). If you know more I'd be glad to read about it.
All I know is that government IT systems do include a a good many XP clients for what appears to be no reason other than nobody will pay to have the kit upgraded. What I am told about the NHS is that that is the case there too -- with XP machines still being handed out as current kit but I have to admit that most of this is third hand from friends of those who work for the NHS and from conversations with those who work in its peripheries. In other words, Civil Service IT grapevine but I trust it more than the sudden change from "lots of XP machines affected" to "a small percentage, running XP".
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to get rid of Unwanted Launcher from National Weather Service pizzipie Linux - General 4 01-27-2017 06:35 AM
Music Wake Up Call btaylor1988 Linux - Desktop 17 03-23-2008 09:22 AM
National Do Not Call Registry Dragineez General 1 09-21-2007 11:38 AM
LXer: Industry, Academia, Medicine And Government Leaders Team Up To Tackle Personal Health Records LXer Syndicated Linux News 0 07-27-2006 07:54 AM
LXer: The wake up call of the JBoss blueprint LXer Syndicated Linux News 0 02-23-2006 04:16 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:12 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration