Spawn

Administrator
Staff member
Verified
Hospitals across England have been hit by a large-scale cyber-attack, the NHS has confirmed, which has locked staff out of their computers and forced many trusts to divert emergency patients.

The IT systems of NHS sites across the country appear to have been simultaneously hit, with a pop-up message demanding a ransom in exchange for access to the PCs. NHS England said it was aware of the problem and would release more details soon.

C_n7v4BWsAAi8Sb[1].jpg

Source: gigi.h on Twitter
 

Arequire

Level 22
Content Creator
Verified
Wasn't in work today so I'm unaware if my hospital or department has been hit by this. I did receive this email sent to all hospital staff from my IT department (had to remove parts to protect the location and names of some of our staff):

Wouldn't doubt this is confirmation of the infection vector.
 
Last edited:

Weebarra

Level 15
Verified
I wonder how they will deal with it. Do they risk losing peoples valuable medical history or do they pay up ? I don't know enough to know if they can get the files back some other way but i doubt the government would pay because in my opinion it is akin to a terror attack and we don't pay ransoms to terrorists or kidnappers (allegedly)

Several hospitals, GP and Dental surgeries have been hit in my immediate area and people have been asked not to attend A & E departments unless it is a genuine emergency. I hope that all the drunkards and eejits who turn up at A & E at the weekends actually take heed and let them deal with those who most need help.
 

Music4Ever

Level 6
I work in a UK Hospice (Charity) & they shut the server down just after after1:30pm & it was unclear what had happened, when I left a while ago they were trying to restore the system from backups, hope they are successful. Those people who distribute such malware are parasites & scum, absolute. The Hospice has to raise over £3,000,000 a year in donations just to keep open & we really could do without this.
 

Spawn

Administrator
Staff member
Verified
Big targets

National Health Service (NHS) England, and Telefonica, one of the largest telecom providers in the world, have each given out statements indicating that their systems have been brought to a grinding halt by a ransomware that Malwarebytes detects as Ransom.WanaCrypt0r. The ransomware has also been observed hitting companies in Spain, Russia, Ukraine, and Taiwan.

Method

The ransomware is spread using a known, and patched, vulnerability (MS17-010) that came from a leaked NSA set of exploits that we reported on our blog in April. Our research shows the encryption is done with RSA-2048 encryption. That means that decryption will be next to impossible, unless the coders have made a mistake that we haven’t found yet.

Read more at WanaCrypt0r ransomware hits it big just before the weekend | Malwarebytes
 

Arequire

Level 22
Content Creator
Verified
Apparently many companies are still using old and unpatched (missing MS17-010) windows versions ....and bad AV.
Yup. You can thank the British government for decimating NHS funding; forcing Trusts to cut IT budgets and fire knowledgeable IT staff who could have upgraded those systems still stuck on XP or applied those updates to W7 systems if it didn't cost too much for the downtime. It's okay though because my department only has four different managers who all take home 6 figure paychecks each year and that's apparently money well spent.
 

Viking

Level 22
Trusted
Verified
Absolutely DISGUSTING that they're targetting hospitals! LIVES are at stake!:mad::mad::mad::mad:
I would love to catch the SCUMS responsible, inflict them with a cocktail of nasty drugs so they are in so much pain and the drugs also causes their organs to shut down. Put them on a operating table and tell them "if you want us to save your life, you must first pay us ransomware". And if they do ,fine. Then start the whole procedure again...
 

cruelsister

Level 36
Content Creator
Trusted
Verified
The real issue here is that SO many organizations are so locked in to the traditional method of malware Protection (Whatever AV) that they refuse to understand that NONE OF THESE will protect against a true zero day ransomware strain (until it's too late). There are many types of security products (like FireEye) that could have protected the infected organizations from this ransomware, but the "Braintrust" management of many IT departments just don't want to spend extra money on such protection (may impact their bonuses).

And this is the true mechanism of this ransomware- exploiting Fools who should have known better.
 

ElectricSheep

Level 12
Verified
The real issue here is that SO many organizations are so locked in to the traditional method of malware Protection (Whatever AV) that they refuse to understand that NONE OF THESE will protect against a true zero day ransomware strain (until it's too late). There are many types of security products (like FireEye) that could have protected the infected organizations from this ransomware, but the "Braintrust" management of many IT departments just don't want to spend extra money on such protection (may impact their bonuses).

And this is the true mechanism of this ransomware- exploiting Fools who should have known better.
Sad but true:(
 

Similar Threads

Similar Threads