Announcements > News Articles

NHS hit by ransomware!

(1/18) > >>

Bowdon:
http://www.dailymail.co.uk/news/article-4500738/NHS-hack-huge-global-cyber-attack.html

https://www.theguardian.com/society/2017/may/12/hospitals-across-england-hit-by-large-scale-cyber-attack

http://www.bbc.co.uk/news/health-39899646

https://www.theregister.co.uk/2017/05/12/nhs_hospital_shut_down_due_to_cyber_attack/ UK hospital meltdown after ransomware worm uses NSA vuln to raid IT

From what I understand about ransomware.. most of it comes via email attachements. I'm sure this is whats happened in this situation. Maybe the emails were targetted to the nhs email addresses but people clicked on the fake attachments.

I don't know why any good technician couldnt have setup the email attachments so only outgoing emails can send them. Also have checks on all external links going through some kind of scanner. But like a lot of tech people these days I don't think they are that up to date with the current hardware/software. I've heard people say some computers are still on windows 95.

UK needs to stop dragging its heals when it comes to technology.

sevenlayermuddle:
Imho the probem lies with the attitude that we'll be safe if we tick all the boxes... Latest OS, AV, update etc.  Utter nonsense.   No amount of OS updates or AV will give the slightest protection, if you are among the first to be targetted when new malware is unleashed.

The answer, to me, lies in getting the message across to big institutions like the NHS and the banks... IT is fundamentally insecure.  Period. 

Encryption is no real defence, as vulnerabilities will be found that allow it to be cracked - as has always happened, and always will.    Conduct your business on the assumption you will be successfuly attacked, just plan for dealing with it.  And don't be surprised when it happens, regardless of any assurances you may have been given by highly paid 'security specialists'.

NEXUS2345:

--- Quote from: sevenlayermuddle on May 12, 2017, 10:23:13 PM ---Imho the probem lies with the attitude that we'll be safe if we tick all the boxes... Latest OS, AV, update etc.  Utter nonsense.   No amount of OS updates or AV will give the slightest protection, if you are among the first to be targetted when new malware is unleashed.

--- End quote ---

Now, I understand what you mean, but in this instance, this situation was entirely caused by a lack of updates. The ransomware strain in question makes use of MS17-010, a vulnerability that was patched over a month ago, to spread between Windows systems. In this case, if the NHS had been using a modern and up to date OS, this would not have occurred on the scale it has.

While this is not true for all strains of malware, this specific type and strain has many proven solutions to prevent it, including solutions from many AV vendors, and even included in Windows Defender on newer OS builds such as Windows 10.


--- Quote from: sevenlayermuddle on May 12, 2017, 10:23:13 PM ---Encryption is no real defence, as vulnerabilities will be found that allow it to be cracked - as has always happened, and always will.    Conduct your business on the assumption you will be successfuly attacked, just plan for dealing with it.  And don't be surprised when it happens, regardless of any assurances you may have been given by highly paid 'security specialists'.

--- End quote ---

I do agree with you here. Encryption is not a defence, it is simply a measure to reduce the damage once an attack has occurred. In this situation, no amount of encryption would have stopped the ransomware spreading, but in the case where the data was stolen, it would have prevented access assuming the encryption keys weren't also stolen, and that a good algorithm was used, such as 256 bit AES.

Vulnerabilities will always be found in systems, and OEMs will always do their best to patch them if they are found before they are exploited, but in some cases they are exploited first. Ensuring systems are up to date is still a key step to ensuring systems are kept secure, but yes, you still have to expect that you will be attacked successfully, otherwise you risk much harsher repercussions, especially with the EU General Data Protection Rules coming into force soon, with their much harsher penalties.

sevenlayermuddle:

--- Quote from: NEXUS2345 on May 12, 2017, 10:32:19 PM ---Now, I understand what you mean, but in this instance, this situation was entirely caused by a lack of updates.

--- End quote ---

I disagree.   This situation was entirely caused by a bunch of crooks out to make money. 

Chances are the crooks will make an great mountain of money, enough to attract better programming talent than the OS authors, or AV vendors, could hope to recruit.

For the likes of me and (I assume) thee, things are different.   Little ol' me is unlikely to attract the massed efforts of the world's most advanced IT experts, chasing after my holiday snaps or worthless App source code.   So AV and updates will make me reasonably safe.  But for big value targets, the crooks will always win, and probably at a moment of their choosing - regardless of precautions.

Just my opinion.

WWWombat:

--- Quote from: sevenlayermuddle on May 12, 2017, 10:23:13 PM ---The answer, to me, lies in getting the message across to big institutions like the NHS and the banks... IT is fundamentally insecure.  Period. 

--- End quote ---

The ones who need that message are the people who make budgets for such organisations.

Once that organisation is hooked into the technology, then lifelong maintenance spending is required. It is no good for, say, a government to go on an austerity drive, and shut down budgets.

But when push comes to shove, what gives? Another ward? Or next year's Win 95 upgrade budget?

Navigation

[0] Message Index

[#] Next page

Go to full version