- Joined
- Jun 24, 2008
- Messages
- 45,520
- Location
- London
- Car
- 2022 Hyundai IONIQ 5 RWD / 2016 Suzuki Vitara AWD
NHS England hit by 'cyber attack'
Page may contain affiliate links. Please see terms for details.
- Joined
- Nov 1, 2008
- Messages
- 18,880
- Location
- Bournemouth/Poole Dorset
- Car
- W210 E280 x2, w211 E55, W212 E63 biturbo, S204 C180K
Not surprising considering they are still using XP as an OS.:fail
400ixl
MB Enthusiast
The majority does not run XP anymore and hasn't for a while. There is still more around than there should be mind. Legacy apps preventing the upgrade are a real problem for the NHS and healthcare in general.
- Joined
- Nov 6, 2007
- Messages
- 12,829
- Location
- North Oxfordshire
- Car
- His - Denim Blue A220 AMG Line Premium / Hers - Obsidian Black R172 SLK55
Certainly looks like it from the screenshot on the BBC News site.
Perhaps this attack on essential infrastructure will encourage the law enforcement authorities to put some serious effort into tracking down those responsible?
OP
OP
- Joined
- Jun 24, 2008
- Messages
- 45,520
- Location
- London
- Car
- 2022 Hyundai IONIQ 5 RWD / 2016 Suzuki Vitara AWD
Early days, but....
It seems that the hackers exploited a known vulnerability in Microsoft Windows.
This vulnerability was first discovered by the NSA and used by them for their own purposes.
Hackers got hold of it - either it was leaked from the NSA, or the NSA 'spent' it by using it in circumstances where their indented targets could discover it (similar to how the Iranians found Stuxnet).
Microsoft became aware of the vulnerability shortly after it was leaked and released a patch on 14th March.
But there are two issues... the first is that many organizations do not have a proper patching and updating procedures in place (this is a common failure on many security audits we carry-out).
The second is that according to some reports, 90% of the NHS computers are still on Windows XP.... and updates for Windows XP are no longer available, so XP can't be patched even they wanted to.
So... is it a question of insufficient funds? Or management incompetence? Or both?
It seems that the hackers exploited a known vulnerability in Microsoft Windows.
This vulnerability was first discovered by the NSA and used by them for their own purposes.
Hackers got hold of it - either it was leaked from the NSA, or the NSA 'spent' it by using it in circumstances where their indented targets could discover it (similar to how the Iranians found Stuxnet).
Microsoft became aware of the vulnerability shortly after it was leaked and released a patch on 14th March.
But there are two issues... the first is that many organizations do not have a proper patching and updating procedures in place (this is a common failure on many security audits we carry-out).
The second is that according to some reports, 90% of the NHS computers are still on Windows XP.... and updates for Windows XP are no longer available, so XP can't be patched even they wanted to.
So... is it a question of insufficient funds? Or management incompetence? Or both?
Last edited:
- Joined
- Nov 6, 2007
- Messages
- 12,829
- Location
- North Oxfordshire
- Car
- His - Denim Blue A220 AMG Line Premium / Hers - Obsidian Black R172 SLK55
I seem to remember that HMG came to some maintenance arrangement with Microsoft to keep security patching XP?
OP
OP
- Joined
- Jun 24, 2008
- Messages
- 45,520
- Location
- London
- Car
- 2022 Hyundai IONIQ 5 RWD / 2016 Suzuki Vitara AWD
I don't know, they may have done, but either way regular patching require having policies in place, which are executed and monitored... Windows 10 won't help if it is set to 'never install updates' and no one updates it manually or through WSUS/GPOs etc.
Last edited:
MikeInWimbledon
Hardcore MB Enthusiast
- Joined
- Nov 8, 2014
- Messages
- 10,138
- Car
- (Ex S211 E500, W212 E500, C216, S212 E500, W211 E500 5.5, W221 S500, S211 E500, SL500, S500, E55)
Thank heavens we're investing in the Trident Replacement
At least a major portion of the UK Defence budget has been well invested in defending us from modern risks, like Cyber-terrorism.
https://youtu.be/1aPvGGvnAGQ
At least a major portion of the UK Defence budget has been well invested in defending us from modern risks, like Cyber-terrorism.
https://youtu.be/1aPvGGvnAGQ
OP
OP
- Joined
- Jun 24, 2008
- Messages
- 45,520
- Location
- London
- Car
- 2022 Hyundai IONIQ 5 RWD / 2016 Suzuki Vitara AWD
To be honest... as the details emerge... this is seems like a major c0ck-up on management side.
I doubt that there would be many regional NHS Directors who would look at a professional report submitted by their head of IT and highlighting the shortfall compared to basic security standards such as this : https://www.gov.uk/government/collections/cyber-security-guidance-for-business (we are not talking of ISO27001 here), and say 'Naaahhh, we don't have the cash'.
I am certain that the enquiry that will no doubt follow will highlight a very long list of management failings.
OP
OP
- Joined
- Jun 24, 2008
- Messages
- 45,520
- Location
- London
- Car
- 2022 Hyundai IONIQ 5 RWD / 2016 Suzuki Vitara AWD
Of course, there's the political dimension...
*some* will say the problem is that the NHS is starved for cash
*others* will say the problem is that the NHS is a cumbersome inefficient dinosaur that can't be trusted to manage anything, not even their own IT systems
But this is for another thread.
*some* will say the problem is that the NHS is starved for cash
*others* will say the problem is that the NHS is a cumbersome inefficient dinosaur that can't be trusted to manage anything, not even their own IT systems
But this is for another thread.
OP
OP
- Joined
- Jun 24, 2008
- Messages
- 45,520
- Location
- London
- Car
- 2022 Hyundai IONIQ 5 RWD / 2016 Suzuki Vitara AWD
This is another issue... the Ransomware is clearly doing the rounds across the NHS internal IT systems and those connected to it.
There are such things as application firewalls and reverse prosy firewalls with active anti-virus etc that should be used to segregate and segment different parts of the organisation... if traffic in properly inspected when it crosses local firewalls then Ransomware would not be able to infect so many nodes almost simultaneously.
400ixl
MB Enthusiast
This is not a directed attack on the NHS, doesn't make it less of an issue.
Its also not an XP issue, all versions of Windows are vulnerable unless patched with the update which came out in April 2017.
Relatively few enterprises will be fully patched up to this point across the board.
Its also not an XP issue, all versions of Windows are vulnerable unless patched with the update which came out in April 2017.
Relatively few enterprises will be fully patched up to this point across the board.
D
Deleted member 6183
Guest
I know of another major UK organisation that's having major IT issues today.
OP
OP
- Joined
- Jun 24, 2008
- Messages
- 45,520
- Location
- London
- Car
- 2022 Hyundai IONIQ 5 RWD / 2016 Suzuki Vitara AWD
If this is indeed essentially a criminal attack, as seems to be the case, then yes there would be very little point in attacking the NHS.
These type of organisations will never pay the ransom... they will restore from backups and take any data loss on the chin.
There's no money to be had for the perpetrators here.
So it does seem that this was a widely-cast net exploiting a known vulnerability, and those with poor IT governance - mainly security policies - are worst affected.
CLSMark
Banned
Was that for comedic effect? Or they genuinely using Xp??
Sent using a tin can on the end of a string
OP
OP
- Joined
- Jun 24, 2008
- Messages
- 45,520
- Location
- London
- Car
- 2022 Hyundai IONIQ 5 RWD / 2016 Suzuki Vitara AWD
Chap on the radio today ('security expert') said that "90% of NHS PCs still run Windows XP".
