Windows 10: Cyber attack in UK, US, China, Russia, Spain, Italy, and others

The NHS has been under attack in UK..

:)

 

Cortana missing on my Lumia 620

That's because with 8.1.1 Cortana is only available in the US, UK, China, Canada, France, Italy, India, Australia, Germany and Spain.

 

MixRadio

Sorry, I forget to mention this information.

The MixRadio application is currently available to customers in the following countries: Australia, Austria, Brazil, Canada, China, Finland, France, Germany, India, Indonesia, Ireland, Italy, Malaysia, Mexico, Netherlands, Norway, Poland, Portugal, Russia,
Saudi Arabia, Singapore, South Africa, Spain, Sweden, Switzerland, Thailand, Turkey, UAE, UK, USA, Vietnam.

 

Great- so they put people's lives at risk for money. And don't they know the NHS already doesn't have enough money and has patients parked on trolleys in corridors at times as A&E is inundated with greater and greater demands as over-stressed staff try to cope with trying to find a bed?

NHS hit by ransomware attack, hospitals across country shutting down • The Register

 

Something like this was always likely to happen.....the system used by the NHS is running on outdated XP software, although supposedly supported security wise for a fee by M$.

These scum.....words....difficult to describe how depraved they must be.

 

Update: BBC is reporting that similar attacks are being reported in the UK, US, China, Russia, Spain, Italy, Vietnam, Taiwan today.

New Ransomware 'Jaff' Spotted; Malware Groups Pushing 5M Emails Per Hour To Circulate It - Slashdot
- and here's news of a new one....by email.

Can you craft a security system to reliably stop such a thing?

True- apparently- but that's not the reason this happened.
The thought is that some smaller organisation was attacked, and this has propagated to the NHS.
Some other firms have also been affected (and Telefonica in Spain, by a different version of the virus)

1. A mix of systems has been affected from GP practices to hospital systems - running on a range of equipment
2. Apparently the tactic is normally not to seek large ransoms from large organisations- it's hard and more traceable to move large sums. (However Bitcoin is comparatively untraceable of course).
3. It is not yet known how the attack is propagating. The thought is it might have been aimed at a smaller organisation, and some document/email etc found its way in to the NHS.
4. Some trusts are affected, others not. It started in England, and later on affected some parts of Scotland.

In a GP surgery- imagine, seeing patients with
- no access to records
- no medical history
- no way to book appointments
- no way to record treatment or medication issued except on paper

They plan to ask patients to bring in their medication if any so they can see what they are taking

Then there's all the appointments cancelled- that have to be rebooked- in hospitals throughout the country.

The NHS has been hit by smaller attacks before- but limited parts only.

How does this happen?
In a large interconnected organisation with a multitude of systems, there is no one security system.
An individual's actions in how they behave with respect to suspicious documents is key

Further:
It can be extremely difficult and expensive, and time consuming, to rewrite and test custom systems running on old OS's.

Nightmare. And the IT cost of recovering systems... the disruption to staff, patients, appointments, treatment... will continue for weeks I guess- months in respect of delayed treatment.

So now they have the resources of the UK to contend with - not just one small firm.

However, my experience is Scammers 99, Victims 1.

 

Hi there

currently around 74 countries at the moment. Probably the biggest victim is the British NHS system -- well if they use cheap off shoring companies, rely on low paid staff from 3rd world countries --in spite of how hard working and dedicated they usually are and STILL RUN XP on most of the client computers -- well they've only themselves to blame.

Without getting too political --I once visited one of these hospitals --Organised Chaos was perhaps a polite way of explaining how they worked -- might be a system the British want --it's up to them --but quite frankly I'd rather pay slightly higher taxes / insurance and go for better qualified staff and higher grade equipment -- YMMV though as there are all sorts of health systems around the planet --some work and others don't. It's up to the electorate in the relevant countries to decide what to do here though.

Cheers
jimbo

 

A statment issued is that no patient records have been effected one would assume they are in a sql type data base

 

Patient records are stored in EMIS and SystmOne from TPP with proprietary front ends. The main NHS system linking together GP and Patients for financial and geographic purposes is called EXETER, and accessed via SQL server and Access front ends. If ever the police got access to this data they could probably solve a lot of historical crime, since it covers all registered patients' movements, domestic associations and addresses, since 1944.

Not SQL server, or any relational database format, but MUMPS (M) based systems, which basically store a hell of a lot of unstructured and redundant data in a rapidly accessible, text-based, tree-based format - because Medics have always wanted to store everything (I mean everything!) in their own idiosyncratic way - and do not understand the benefits of storing data once and joining it together using keys and indices, accessed via queries and views.

Backups are generally well maintained is places I have worked in. The NHS blame culture will see IT staff sacked, and not the mavericks that opened the door to this exploit - certain users who think that they know best and don't respond to training or instructions and open cracks in the systems wherever they can.

 

@Fafhrd - In that context, how useful would have been

a. a white listing program (only 'approved' programs are allowed to be run- suitable for systems such as the NHS runs day to day that always run the same programs

b. Cryptoprevent
CryptoPrevent Malware Prevention Foolish IT

c. RansomFree by Cybereason
Ransomware Protection - RansomFree by Cybereason

(I have these last two installed)

 

Hi there.
@dalchina - a lot of that stuff won't run on the outdated front end XP workstation systems the NHS uses. !!!!

End users need to get data wherever it's stored and then update the DB again -- if the update is corrupt how will the system know -- The various Data Protection Acts will ensure that the update is handled without any "3rd party inspection" and so long as it comes from an authorised user that's the only check. If the data happens to be already scrambled by malware on the users workstation before the data is transmitted to the DB then -- Bang there goes the data base --doesn't matter how "Secure" the backend Servers are !!!!

Anybody with computer science 101 could do this type of abhorrent activity --- that's always a risk and fundamental weakness in Client / Server type systems.

Hopefully they all have ENOUGH BACKUP - and BACKUP that's OFFLINE / away from the infected (or even "infectable" - as it's still an ongoing problem) servers.

This type of stuff shows that for essentially "Mission Critical" applications you HAVE TO SPEND MONEY -- It is utterly inconceivable to me that a country (UK) with the 5th / 6th largest economy on the planet would be running something as important as a Health system "On the Cheap" using outdated I.T and an OS (XP I gather on a lot of primary / front end Work stations) which was obsolete YEARS ago - especially as Ms gave more than adequate warning .

I wonder how many of the overpaid CEO's / managers of these places will be FIRED (Sacked I believe in UK English) even though THESE were the people who authorised putting these systems in place. I'll bet it will be some locally based I.T staff and contractors - much lower down the food chain who will have to bear the brunt -- and as a lot of this stuff is off shored - I wonder if ANY of those companies will actually LOSE THEIR CONTRACTS.

Wait for "The Blame Game" to start any time soon -- First instalment should be far more interesting than any weekend TV program --but we shouldn't forget the many patients who will be inconvenienced seriously by this type of activity - maybe for weeks.

As far as the British NHS is concerned - I believe it has the Largest number of people employed in an organisation on the planet (Over 1 Million I think) with possibly the exception of the Indian Railways and the Chinese People's Liberation Army (or whatever it's called now). A lot of these people are employed at the lower end of the scale - so it's 100% impossible to be totally secure -- one person slotting in a USB stick to an innocent workstation could cause havoc - or even a Doctor opening up an innocent looking email.

If ever there was a case for NOT USING A CENTRALIZED I.T SYSTEM this was it. - Actually in this case the CLOUD probably would have been a better bet - although hideously more expensive to organise and it's probably far too late to start from scratch again.

Cheers
jimbo

 

Sadly the UK government has a terrible track record on failed IT projects. It spends over £10bn a year on IT - I think I heard £16bn mentioned on the radio. So they tried-- at least for some part of the extensive NHS systems- but failed.

There WAS a major attempt to overhaul part of the NHS's IT- but it failed after a massive overspend.

2011 NHS Connecting for Health Electronic care records

United Kingdom Central government Beset by delays and ballooning costs, and the software part of it was never finished. The government was also criticised for not demonstrating value for money. Although the contracts were drafted to ensure that the contractors would be forced to bear a significant portion of the cost of the project going wrong if it did go wrong, in reality this did not always happen. The NPfIT was described by Members of Parliament as one of the "worst and most expensive contracting fiascos" ever.[3] £12bn (£2.3bn) Outsourced Discontinued, but some parts continued List of failed and overbudget custom software projects - Wikipedia

 

Hi there

If all the powers of Hollywood, various governments, ISP blocking etc can't shut down a single site like "The Pirate Bay" which is still operating after YEARS of all sorts of people and resources thrown at it to get it closed down - there's absolutely ZERO chance that people will catch "The Mr Bigs" who initiated this scam --maybe they might get some lower level people but I think this type of activity shows that any CLIENT / SERVER system can be broken and the best way to stop this is to have multiple distributed systems - incredibly complex to organise etc .

Things like Doctors surgeries don't always need 100% realtime online access either so there's no reason why they couldn't hold their data locally and if required transmit it to a remote site by request.

This is always a "catch up " type game - but it makes it hugely more difficult to hack distributed and often independant systems. Maybe it pays to be less than 100% efficient in this case !!!!!

If the UK Govt is paying Billions of GBP on failed I.T perhaps people could consider that what they pay (currently) into the EU could be a bargain - at least they get SOME return on their investment !!!!!!

Let's hope though that for Patients --the whole sorry mess is cleared up quickly --however this type of activity takes hugely longer than people realize -- and ensuring the servers are clean again with better protection in force is a really complex task where I doubt the current staff would have much experience in cleansing such a massive network. What about all the front end work stations too -- without cleaning every single access point 100% there's no guarantee the whole sorry mes won't start all over again -- This saga could take MONTHS to resolve properly. !!!!

Cheers
jimbo

 

Just the email, nothing else needed.

I was talking about the "Untouchables" - Consultants, Professors, Senior Management &c. who believe they are GOD and that rules do not apply to them - the users who break all security measures.

Junior NHS staff don't have the time, and those on the lower end of the scale don't have access, except perhaps for email, which is probably the biggest point of entry for malware. Should have stuck with text-based mail, with all attachments centrally scanned for malware, and locked down MS Office.

No end of trouble with Word Macro Viruses in early 2000's, nimda, and believe it or not, those who insisted on using Mac were the worst culprits for spreading malware - since there were no effective AVs for Mac, these Users would forward infected matter like crazy, even filling up linux servers with infected files, which when opened on PCs would spread like Wildfire. When they couldn't transfer the file electronically, they would take out a floppy disk, & transfer the stuff manually.

I got out of IT in the NHS in 2003, then did some contracting in 2005 for a NHS Trust, and again some data work in 2006, and then retired.

 

The lack of integration, despite all the efforts to use electronic records, is frightening from a treatment point of view.

Imagine you have some sort of accident leaving you unconscious- say a car accident, a stroke.... away from home. You're taken to hospital. The hospital doesn't have ready access to your records or your medication if any. At the weekend (don't - just don't- have something bad happen at the weekend) the GP surgery is closed- computer system inaccessible.

In an ideal world, the hospital would be able to query those records.

But it can't.

So greater integration is needed to overcome basic present limitations. But greater integration means greater vulnerability......

This lack of integration is evident at the lowest level, meaning I, as Power of Attorney for my mother, had to check that the pharmacy, hospital, and doctor's records of medication all tallied. They had no effective way to communicate- no one database from which to work. And there were discrepancies which I had to point out.