Cyber attack on hospitals

There have been ransomware cyber attacks reported in 74 countries around the world.
 
stevelmx5 said:
Looks like the NHS IT support haven't patched theirs in time.
Click to expand...

Apparently, according to the news this eve, there were patches against this issued in Feb. Seems like someone/dept isn't keeping up?
 
OldCarlos said:
Apparently, according to the news this eve, there were patches against this issued in Feb. Seems like someone/dept isn't keeping up?
Click to expand...
Doesn't surprise me. Some smb don't get around to patching. Let alone a national, multi trust with their own systems organisation that are all linked together.

It'd only take 1 machine to get the ball rolling.
 
I get the feeling that if this was RBS or Barclay's heads would roll, but sadly in the NHS I suspect they've become victim to a lack of investment in infrastructure and support, lets face it in the current climate they're stretched to spend the money on doctors, nurses and clinical activities rather than IT.
 
chrism_scotland said:
I get the feeling that if this was RBS or Barclay's heads would roll, but sadly in the NHS I suspect they've become victim to a lack of investment in infrastructure and support, lets face it in the current climate they're stretched to spend the money on doctors, nurses and clinical activities rather than IT.
Click to expand...

Why would they hire IT support staff?

We're sick to death of all the waste in the NHS. we should pay doctors and nurses and that's it. Sick of all these bureaucrats wasting taxpayers money. :exit:
 
Wow shock NHS with crap IT staff had issues/
 
Time for you guys to make sure you have the latest MS security updates installed on your systems

Also make sure you have a non LAN linked backup in place
 
The press do love stirring fear don't they. The amount of articles stating that this was an "NHS targeted attack" and "holding them to ransom" is so dramatic.

Someone somewhere has started an email phishing attack to *@nhs.net, *@barclays.com, @.hsbc.net (etc) in the hope that enough genuine email addresses are hit and those same people are naive enough to open an attached MS Word template file (.dot) and then also click on 'yes' to allow it to run. Once it's run, it will target any network shares that the user has access to and encrypt all files it can find. After that, the next person does the same and so on until a large amount of network-shared data is now encrypted. If a user then opens a file, they just see an image instead of the file stating that they need to pay an amount in bitcoin/PayPal to decrypt the file.

The only option for the IT department is to restore those encrypted files from a previous backup (assuming it worked) when they were accessible which is a headache in itself so it's easier to restore entire folders but that takes longer and has more of a knock-on effect because files that were fine and have had changes made to them since the outbreak are also restored to a previous version so uses lose work they've done.

All in all, like most "hacker attacks", it relies on end users being naive (or greedy in the case of "you've won the lottery..") enough to open attachments from people they don't know.
 
stevelmx5 said:
The press do love stirring fear don't they. The amount of articles stating that this was an "NHS targeted attack" and "holding them to ransom" is so dramatic.

Someone somewhere has started an email phishing attack to *@nhs.net, *@barclays.com, @.hsbc.net (etc) in the hope that enough genuine email addresses are hit and those same people are naive enough to open an attached MS Word template file (.dot) and then also click on 'yes' to allow it to run. Once it's run, it will target any network shares that the user has access to and encrypt all files it can find. After that, the next person does the same and so on until a large amount of network-shared data is now encrypted. If a user then opens a file, they just see an image instead of the file stating that they need to pay an amount in bitcoin/PayPal to decrypt the file.

The only option for the IT department is to restore those encrypted files from a previous backup (assuming it worked) when they were accessible which is a headache in itself so it's easier to restore entire folders but that takes longer and has more of a knock-on effect because files that were fine and have had changes made to them since the outbreak are also restored to a previous version so uses lose work they've done.

All in all, like most "hacker attacks", it relies on end users being naive (or greedy in the case of "you've won the lottery..") enough to open attachments from people they don't know.
Click to expand...
indeed.

lets face it someone may have even been checking their personal mail when they downloaded/clicked on something dodgy. or a compromised USB stick.

all of the NHS sites are linked so stands to reason it became a bit of a national issue for them.
 
neil_g said:
Doubt it's targeted as some are reporting.
Click to expand...


like the media and everyone on social media ?

I bet the attackers where as suprised as anyone else when the nhs got it.. maybe even a bit worried...

Can't wait to see the film when it comes out..
 
Phil V said:
We're sick to death of all the waste in the NHS. we should pay doctors and nurses and that's it. Sick of all these bureaucrats wasting taxpayers money. :exit:
Click to expand...
If only there was a thread where some people had been mouthing off about all the non-medical staff cluttering up hospitals and wanting to see them sacked? .. ..


PS
There must be a way of banning thread-starting posts that include a link and nothing else.. after all, if you've nothing to say about a story wtf would you want to share it? (no, links do not "speak for themselves")
 
90% of NHS kit still on XP is the reason.
 
Alastair said:
If only there was a thread where some people had been mouthing off about all the non-medical staff cluttering up hospitals and wanting to see them sacked? .. ..


PS
There must be a way of banning thread-starting posts that include a link and nothing else.. after all, if you've nothing to say about a story wtf would you want to share it? (no, links do not "speak for themselves")
Click to expand...

The reason it had no input was because i do not know enough about these things to make a sensible comment, i was hoping some of the replies would help me understand the situation a bit,most did without taking a pop at me:D. If i had made comments that showed my ignorance ime sure you would have been polite about pointing it out to me.
 
"Here's an interesting story that caught my eye this morning, I wonder if there's anyone more knowledgeable that could shed some light on it.."

Not so hard. But to be fair, I don't think you're one of the persistent offenders.. there are one or two here for whom link-only posts (before clearing off never to be seen on that thread again) seem to be the bulk of what they post.. ;)
 
Renault and Nissan factories hit too.
 
If some numpty is going to click on something they shouldn't then they might as well be using 3.11
 
NHS Digital address the issue of computer systems using XP in one of it's latest statements on the cyber attack

Heinz
 
Alastair said:
If only there was a thread where some people had been mouthing off about all the non-medical staff cluttering up hospitals and wanting to see them sacked? .. ..


PS
There must be a way of banning thread-starting posts that include a link and nothing else.. after all, if you've nothing to say about a story wtf would you want to share it? (no, links do not "speak for themselves")
Click to expand...
Someone got out of the wrong side of bed this morning.:police::dummy:
 
I care more about my own computers than I do about this NHS chaos.

The bbc tonight did their usual scares on an international scale but failed to tell us how we might be effected.

Computing is a strange thing when no one ( beeb, guardian, mother riley) is willing to comment on such technicals whilst waffling endlessly on political speculati. Yawn.
 
Last edited:
d00d said:
I care more about my own computers than I do about this NHS chaos.

The bbc tonight did their usual scares on an international scale but failed to tell us how we might be effected.

Computing is a strange thing when no one ( beeb, guardian, mother riley) is willing to comment on such technicals whilst waffling endlessly on political speculati. Yawn.
Click to expand...

How you might be affected as an individual?

As far as your own computer systems go if you are up to date with security patches etc. then this will not affect you at all.

The worms spread was stopped, by accident it seems, in its tracks yesterday by a security bod: SOURCE
 
Keith W said:
How you might be affected as an individual?

As far as your own computer systems go if you are up to date with security patches etc. then this will not affect you at all.

The worms spread was stopped, by accident it seems, in its tracks yesterday by a security bod: SOURCE
Click to expand...

By a blogging geek. :-)
I'm assuming they're also looking at him as a possible source.
 
well thank you Keith, I didn't imagined for a moment that I might be affected as an individual . The plight of us individuals holds no newsworthiness anyway.

I do feel the bbc and any noteworthy news agency should do the honourable thing and reassure us computer illiterates where we stand in the midst of such a scare.

Bring it on aunty.
 
d00d said:
well thank you Keith, I didn't imagined for a moment that I might be affected as an individual . The plight of us individuals holds no newsworthiness anyway.

I do feel the bbc and any noteworthy news agency should do the honourable thing and reassure us computer illiterates where we stand in the midst of such a scare.

Bring it on aunty.
Click to expand...

You just need to do two things (as with 99% of all infections);

1) Make sure Windows Update is enabled and up to date. It's good practice to leave your computer on 24/7 so updates can install overnight.

2) Don't open emails from people you don't know, then double-click on the unexpected attachment and then click 'yes' when asked for approval to run the attachment (which is what started the whole "ransomware attack").
 
Windows update doesn't work on my fresh win 7 64bit update. Handy eh.
 
You must log in or register to reply here.
Back
Top