Security News NHS hit by large-scale Ransom Cyber Attack

spaceoctopus

Level 16
Verified
Top Poster
Content Creator
Well-known
Jul 13, 2014
766

Myriad

Level 7
Verified
Well-known
May 22, 2016
349
Along with all the technical questions that IT staff at Britain's NHS have to answer this weekend ,
I would be asking the following questions :-

Who was responsible for system back ups ?

Was anyone checking that MS Office macros were disabled for all users ?
( and a bunch of other well-known vulnerabilities )

And who the heck opened that email attachment ?
 
Last edited:

Myriad

Level 7
Verified
Well-known
May 22, 2016
349
Yup. You can thank the British government for decimating NHS funding; forcing Trusts to cut IT budgets and fire knowledgeable IT staff who could have upgraded those systems still stuck on XP or applied those updates to W7 systems if it didn't cost too much for the downtime. It's okay though because my department only has four different managers who all take home 6 figure paychecks each year and that's apparently money well spent.

Reading your post again makes me see the probable root cause of my questions above ^^

Apathy , indolence , and the tired attitude of " not my responsibility " that some managers seem to think is just fine ,
in contrast to the front-line staff who are over-worked , underpaid , and neither appreciated nor respected .

My guess is that it will not be those " executives " with the six-figure salaries who get the blame for this preventable disaster !
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
I always find it amusing when the Security Vendors make statements about "we now protect the user" (ie "We've just added a definition") after an attack.

Kind of like someone offering you a bullet-proof vest an hour after you were blown away by a shotgun.
 

ElectricSheep

Level 14
Verified
Top Poster
Well-known
Aug 31, 2014
655
I always find it amusing when the Security Vendors make statements about "we now protect the user" (ie "We've just added a definition") after an attack.

Kind of like someone offering you a bullet-proof vest an hour after you were blown away by a shotgun.
Bit like opening a parachute just as you're about to hit the ground:eek::eek::p
 
Last edited:

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
I would be asking the following questions :-

Who was responsible for system back ups ?

Was anyone checking that MS Office macros were disabled for all users ?
( and a bunch of other well-known vulnerabilities )

And who the heck opened that email attachment ?
And how did the organization avoid keeping a basic and crucial Security Training Induction (hands-on training aside)?
It's not necessary only for the IT giants but for all institutes who're responsible for producing or delivering some important product or service.
Outdated systems and low budgets on security management get costly for sure, but the basic knowledge of the evolving security risks and common ways of avoiding or mitigating them are very important for the regular users, like the ones who clicked on the ransom-inviting-baits.
 

Handsome Recluse

Level 23
Verified
Top Poster
Well-known
Nov 17, 2016
1,242
I always find it amusing when the Security Vendors make statements about "we now protect the user" (ie "We've just added a definition") after an attack.

Kind of like someone offering you a bullet-proof vest an hour after you were blown away by a shotgun.
Someone will invent time travel or reverse entropy thing to bring back all the pain it caused.
 

Weebarra

Level 17
Verified
Top Poster
Well-known
Apr 5, 2017
836
While it is awful what has happened, it may be a wake up call to those in charge of multi million businesses (and that includes the NHS because they are a business too), stop paying fat cat wages and spend money on the important things. Most of us put our trust in these large companies to keep us and our personal information safe (i know it is still unclear if patient data has been breached as yet but there is a chance), yet they continue to act like we don't matter and think if they issue an apology then all is forgiven. I feel so sad that the perpetrators don't seem to care which organisations/people they target, just any system that is vulnerable i guess but i suppose this is the world we live in nowadays.
 

Solarquest

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
Along with all the technical questions that IT staff at Britain's NHS have to answer this weekend ,
I would be asking the following questions :-

Who was responsible for system back ups ?

Was anyone checking that MS Office macros were disabled for all users ?
( and a bunch of other well-known vulnerabilities )

And who the heck opened that email attachment ?

I would also ask:
- what OS was used? If XP, why wasn't it upgraded to an OS still supported by Microsoft with updates???

- why wasn't the OS (not XP) updated????

-What AV and security programs did they use?
Were these updated?
Did they use other security measures/programs?

-Do they run daily backups? If not , why???

-If they used e.g XP , knowing it was not supposed anymore - not safe, did they add security measures to protect it, e.g anti-ransom, backups?

If they used "old" OS, or didn't patch still supported ones when possible, or didn't use a good diligence in protecting the system, all these organizations should be responsible for the damages they caused and should be fined too.

It's terrible what happened and I hope this will be the last wake up call for all organizations and authorities.
All organizations should be controlled and have to pass a security audit, to meet high security standards.
 

Myriad

Level 7
Verified
Well-known
May 22, 2016
349
To say that XP is no longer supported may not be entirely correct .

My understanding is that M$ provide a sort of private support contract ( no doubt VERY expensive ) to some big users
who stay with XP , for whatever reasons .

Examples are banks with ATMs that use embedded XP , and even some armed forces ( and that is a really scary scenario ! )

I'm not saying that I agree with this crack-pot policy ..... merely that it exists .

.... just my 2 chetrum worth :)
 
Last edited:

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
To say that XP is no longer supported may not be entirely correct .

My understanding is that M$ provide a sort of private support contract ( no doubt VERY expensive ) to some big users
who stay with XP , for whatever reasons .

Examples are banks with ATMs that use embedded XP , and even some armed forces ( and that is a really scary scenario ! )

I'm not saying that I agree with this crack-pot policy ..... merely that it exists .

.... just my 2 chetrum worth :)
And you'd think a government would want to take full advantage of that contract when XP is extensively used throughout their country's state-funded national health service wouldn't you? Alas: Tories cut security support for outdated NHS computers despite hacking warnings
 
Last edited:
  • Like
Reactions: ElectricSheep

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
Along with all the technical questions that IT staff at Britain's NHS have to answer this weekend ,
I would be asking the following questions :-

Who was responsible for system back ups ?

Was anyone checking that MS Office macros were disabled for all users ?
( and a bunch of other well-known vulnerabilities )

And who the heck opened that email attachment ?
I have another solution.

Try to throw in prison some IT executives accusing them for manslaughter if any patient should die due to negligence by applying the patch and management in security systems.

You will see how everyone will run applying patches and monitoring systems!

And maybe the ransomware would have less air to breathe.
 

Retality

Level 1
May 14, 2017
8
The whole of United Kingdom is under attack. NHS run's throughout Scotland, England & Wales. Northern Ireland I can't find any information on; so someone with more knowledge on that can help me.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top