Nhs Attack And Thoughts

[Regulo]

The cyber attack on the NHS (amongst others) has got me thinking. I keep my anti-virus and malware programs up to date, but what if I did get a ransomware attack? Would any "cleaner" programs remove it and get my access back? IMO, computer hackers should be locked up and the key thrown away. It may be fun to them, but life and death to the rest of us.

[Maxwellian]

I believe that this was a recognised security problem in Windows and that the was fixed in an update. If you did not keep your SW up to date with the up dates you would be vulnerable. 

Malwarebytes claim that their SW pro version would have protected you against it. As far as fixing it goes, there are probably some very clever people trying to work that out at the moment.

[grendel]

apparently this was a worldwide attack affecting 99 countries - so not just the NHS

[thingamybob]

I believe the NHS is using Windows XP machines. XP machines are now vulnerable to attack as Microsoft do not support XP except for on cash machines, many of which use XP.

When I was working I used to back up our machine once a week and using four sets of back ups that were rotated. Even if we found the machine had been corrupted and the last set of backups were also corrupted we at least we had the other three backups to fall back on although the latest information would be missing. All our backups were stored in a safe off site in case of fire.

Hopefully the NHS has used this system, if not they have been grossly negligent.

It also makes me wonder how the bug got into the machines. Where I worked, if you were using the machines for personal use or plugging in your own mass storage device or playing games on the machines you would be instantly dismissed. Eventually my employers disabled all methods of plugging in mass storage devices except for machines where operators were authorised. Also, the main network was on rented private lines all over the Country and abroad. Machines connected to the internet were not connected to the main network. 

[grendel]

on our company network, emails all have attachments converted to pdf (you have to request the original files then they are subjected to additional anti virus scans) usb's are disabled, and everything is stored off of your personal machine, and all of the servers are backed up daily. many people have complained at the restrictions, but this shows how careful companies need to be. we do have one machine at each site that can accept usb, this machine is off of our network, the files are saved to our company cloud site, then scanned for viruses before being released, you can then access your 'company cloud site from your company machine to get your scanned and virus free files.

[HemsbyPie]

I'm in no way a "techie" so can't comment on the computer side of things, but given that my wife is 2 weeks away from her elected c-section date I would like 5 minutes in a locked room with the scum that caused this... Suffice to say he wouldn't be using a keyboard for a while.

[ginbottle]

Good luck, Mr. & Mrs. HemsbyPie, hope all goes well with the little one! The idiots responsible for this cyber attack should be charged with the most serious offence possible, as it has affected the most vulnerable people, the sick and the elderly. Doctors have been unable to check patients' medications, etc. This is no joke...it is threatening lives! As Regulo said, lock them up...a fine is certainly not enough! 

[grendel]

that must have been what was causing all the queues at the pharmacy in Asda this morning, people who had run out of medications, when they put the repeat in thursday, andhad expected it to be ready today were being told monday

[LondonRascal]

The best way to thwat this sort of threat is to be able to stick two fingers up at the people behind it should you ever fall victim to it, but letting the data be destroyed safe in the knowledge you've lost nothing because you have a back up.

I back up everything in two locations and once you get into the habit of it, it becomes second nature. For safety I don't leave the back up as an attached storage media to the machine or on my network just in case if the machine did fall victim to a virus or ransomware it, or any other network attached storage could not likewise become encrypted.

Much of the issue with this sort of thing is it is not a virus - it simple encrypts data - it is a program that executes without your permission and once it has you are at its mercy.

If you had a back up of data and got infected, wipe the machine, do a fresh install of Windows and then put your data back - you might be a day behind in data but have a working machine and have no money to pay. I remember reading about a Pub owner who was attacked, paid up and sure enough got his data back - only to find himself on a list that showed he was a 'payer' and attacked again perhaps by the same people or someone else, but the random had increased.

[Gracie]

Just like to wish Mr and Mrs HemsbyPie all the very best for the birth of their little one

I don't believe in violence of any kind but I'll make an exception in this case, when faced with this terrible attack on vulnerable people, I hope they lock them up and throw away the key, or let Hemsby in a room alone with them for a few minutes, that should do the trick

Grace

 

[riyadhcrew]

Especially if we can let him in with an oar or a boat hook. lol.

[TheQ]

An " expert" on TV this morning pointed out the NHS has less than 1 in twenty machines still on XP and most of those are not on the network. The problem in general was not XP but the non installation of the windows 7 and later software patches released by MS two months ago.

The company I work for has machines that go back as far as DOS, but xp and older are not allowed on the network, all current machines are up dated with any patches at least once a month. All done by central IT, automatically, as soon as they have checked the patches themselves are safe for our machines.

[grendel]

Just now, TheQ said:

An " expert" on TV this morning pointed out the NHS has less than 1 in twenty machines still on XP and most of those are not on the network. The problem in general was not XP but the non installation of the windows 7 and later software patches released by MS two months ago.

The company I work for has machines that go back as far as DOS, but xp and older are not allowed on the network, all current machines are up dated with any patches at least once a month. All done by central IT, automatically, as soon as they have checked the patches themselves are safe for our machines.

I think that this may be the issue here, the length of time required to check for software compatibility of the updates, the NHS probably has far more in the ways of odd little bits of software to run / interface with various machines that the testing takes so long that they had not yet completed it or that it is so onerous that they dont even try.

even after all the testing we still have issues with machines after update rollouts, some just stop working, others just wont do certain things.

I still run 2 XP machines, one as a print server, one as a file server, both are on my home network, neither connects to the internet, I have never had a virus problem with either.

[JawsOrca]

Sorry y'all my view on this is slightly different.

The NHS systems are disgusting, I had a message from a contact that said that the trusts have been greedy and mismanaged this so as always its crap and greedy upper management that have led to this.. There are little excuses for not updating computer systems, the trusts have money they just spend it wrong (outsourcing to the wrong companies.. typically companies owned by thier golfing buddies!).

Hopefully though the NHS and UK government will learn from this and get their act together. If anything this is a needed wake up call to management that you can not run and make money on old systems.. get your act together, spend properly and mondernise!

Sadly the world needs computer hackers for good reasons;  Most of our systems are developed by computer hackers, it's actually a way for some very smart people out there to get noticed and further improve our lives. Although lately it seems that the days of hackers being 10 year kids is somewhat gone although it seems this attack was stopped by a 22 year old hacker in his bedroom who hacked the hack and stoped it.. There are also suggestions that this attack is part of a huge cyber war between governments so therefore this was not some little kid it was the american government.. Don't forget with war brings technological improvement... yes it's disgusting the NHS has been affected but it's certainly an eye opener to see.. personally I will not do trade with any company  who publicly admit to using xp as our data isn't secure..

Needless to say the NBN is not run on xp as is Trimnet's.

[Gracie]

Blimey, forget Theresa May and Jeremy Corbyn, Jaws for Prime Minister

Grace

[teadaemon]

It's worth mentioning that up until 2015, even though XP had been declared 'end of life' by Microsoft, they were happy to provide security updates to the NHS as they were being paid £5.5 million per year to do so. Somebody at the Department of Health decided that this wasn't necessary and ended the contract.

This is not actually that unusual a situation, whilst some cashpoints still use XP, a fair number are still running Windows NT 4 service pack 5, which was getting replaced with Windows 2000 back when I was first getting into working in IT (amongst my less useful qualifications I am, or at least was, a Microsoft Certified Professional in Windows NT 4 Workstation and Server). Other large users of NT that pay for support from Microsoft include the US Navy, who use it to control all of the systems on most of their ships.

[Malanka]

Fiona was with my Mother in Broomfield in Chelmsford when this happened we were waiting for my mum to be transfered from emergency short stay assessment to the elderly care ward when shazam the computer system went down. They had to wait three hours for a porter to be dispatched. Having walked that journey myself its a walk and a half pushing a heavy hospital bed. By the way when did hospital beds get so high tech ? Last time I was in (thankfully 24 yrs ago) it was bump bars and five pillows now is gadgets for this gizmos for that (back up, feet up, bum up down etc). Amazing.