Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cyberattack Hits England's National Health Service With Ransom Demands (theguardian.com)

Posted by msmash on from the ransomware-everywhere dept.

Hospitals across England have been hit by a large-scale cyber-attack, the NHS has confirmed, which has locked staff out of their computers and forced many trusts to divert emergency patients. The IT systems of NHS sites across the country appear to have been simultaneously hit, with a pop-up message demanding a ransom in exchange for access to the PCs. NHS Digital said it was aware of the problem and would release more details soon. Details of patient records and appointment schedules, as well as internal phone lines and emails, have all been rendered inaccessible. From a report: "The investigation is at an early stage but we believe the malware variant is Wanna Decryptor. At this stage we do not have any evidence that patient data has been accessed. We will continue to work with affected organisations to confirm this. NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and to recommend appropriate mitigations. "This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors. "Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available." NPR adds: The problem erupted around 12:30 p.m. local time, the IT worker says, with a number of email servers crashing. Other services soon went down -- and then, the unidentified NHS worker says, "A bitcoin virus pop-up message had been introduced on to the network asking users to pay $300 to be able to access their PCs. You cannot get past this screen." The attack was not specifically targeted at the NHS and is affecting organizations from across a range of sectors, it appears. The report adds: Images that were posted online of the NHS pop-up look nearly identical to pop-up ransomware windows that hit Spain's Telefonica, a powerful attack that forced the large telecom to order employees to disconnect their computers from its network -- resorting to an intercom system to relay messages. Telefonica, Spain's largest ISP, has told its employees to shut down their computers.

Update: BBC is reporting that similar attacks are being reported in the UK, US, China, Russia, Spain, Italy, Vietnam, Taiwan today.

128 of 202 comments (clear)

  1. General VLAN... by __aaclcg7560 · · Score: 4, Interesting

    Sounds like the General VLAN got hit. Critical medical systems should be on a separate and restricted VLAN. I'm a bit surprised that VOIP phones weren't isolated from this.

    1. Re:General VLAN... by Major+Blud · · Score: 3, Interesting

      Sounds like the General VLAN got hit. Critical medical systems should be on a separate and restricted VLAN. I'm a bit surprised that VOIP phones weren't isolated from this.

      I don't know how things are in the U.K., but I spent a few years working in hospital IT in the U.S. The phones used in patient rooms had to be discarded after ever discharge because of fears of contamination, meaning that it was incredibly expensive to have a rotation of phones coming and going. This made it difficult to transition away from the old analog phone system that was in use.

      I didn't get involved with the telephony side of things, so I'm not sure if this entire process was logical or not. I'm not sure how difficult it is to disinfect a phone.

      --
      If you post as Anonymous Coward, don't expect a reply.
    2. Re:General VLAN... by __aaclcg7560 · · Score: 1

      The phones used in patient rooms had to be discarded after ever discharge because of fears of contamination, meaning that it was incredibly expensive to have a rotation of phones coming and going. This made it difficult to transition away from the old analog phone system that was in use.

      Interesting. The few hospitals I've worked in for IT Support had VOIP phones that most workstations plugged into. We discarded old keyboards like the plague since studies have shown that they are dirtier than toilets and a hospital environment was probably a lot worse.

    3. Re:General VLAN... by ctilsie242 · · Score: 1

      Even smaller shops tend to have the VoIP stuff on a separate VLAN, just for QoS purposes, to ensure that a doctor calling in a prescription for Prozium or Joy will not get dropped.

      It would be interesting to see how this attack happened. A misconfigured AD forest could have allowed for brute-forcing a DA/EA account. Especially if there is no protection against brute force [1]. A lack of physical security could have allowed someone to boot a DC and crack an admin account.

      In any case, why wasn't AppLocker running? This would have stopped this attack cold.

      [1]: Ideally, accounts connected to users should have some timeout, even if it is 1-3 minutes. Service accounts should have an obnoxiously long (30+ characters) password. For local admin accounts, LAPS is a must.

    4. Re:General VLAN... by Major+Blud · · Score: 1

      Yes you're correct, they had VOIP for IT and admin staff, it was only patient rooms that still had analog.

      --
      If you post as Anonymous Coward, don't expect a reply.
    5. Re:General VLAN... by DigiShaman · · Score: 1

      Umm, why not wrap in disposable plastic bags? Then, once in awhile place old phones in a cabinet lit with UV lighting for 24 hours?

      --
      Life is not for the lazy.
    6. Re:General VLAN... by Anonymous Coward · · Score: 1

      Right, because competent professionals are infallible, and never make any mistakes.

      And competent professionals always manage to achieve 100% security in the inherited, decades-old systems running massive, sprawling government agencies that they support.

      And competent professionals ONLY work with other competent professionals - once you hire one, every other employee magically becomes competent!

      You and creimer should get together and form an international consultancy. If I were you, I'd call it Prestige Worldwide.

    7. Re:General VLAN... by __aaclcg7560 · · Score: 1

      [...] it was only patient rooms that still had analog.

      My employment contracts prohibited me from being in an occupied patient room, which had the mobile workstations that connected to the wireless network. Never paid attention to the phones inside the patient rooms. I don't know if they were analog or VOIP.

    8. Re:General VLAN... by __aaclcg7560 · · Score: 1

      Write a blog post about it, bro.

      No one wants to read about your butthurt. Go buy yourself some Lady Anti Monkey Butt Powder to sooth over the pain.

    9. Re:General VLAN... by ChumpusRex2003 · · Score: 1

      Looks to be a ransomware attack based on an update of the classic wcry ransomware, which makes use of the doublepulsar exploit which was patched in the March Microsoft patch deployment.

      Doublepulsar allows remote code execution on windows servers. This allows the ransomware to encrypt entire servers without the need for brute forcing an admin account.

    10. Re:General VLAN... by Major+Blud · · Score: 1

      You'd have to disassemble the handset so that the UV light could access the microphone and internals, on what could potentially be hundreds of phones in a day.

      --
      If you post as Anonymous Coward, don't expect a reply.
    11. Re:General VLAN... by bluefoxlucid · · Score: 1

      Doesn't matter. Can you go forward with a treatment if you're uncertain if the treatment is safe, if the patient is in dire need, and so forth? The patient needs anesthesia; are they going to die like Monty Oum if you use one anesthetic rather than another?

      Everything in a hospital is critical.

      --
      Support my political activism on Patreon.
    12. Re:General VLAN... by Stoertebeker · · Score: 5, Funny

      Isn't that what telephone sanitizers are there for? Maybe we shouldn't have put them all on the first ark?

    13. Re:General VLAN... by cayenne8 · · Score: 4, Interesting
      In addition to the mistake of having so many systems of importance connected to the greater internet....

      I think it likely also points out the problems with homogeneous systems...centralized systems, and such mandated by the government.

      A singular system with all information, while providing convenience in many ways, opens itself up to being completely shut down if anyone ever breaks through the always inevitable cracks.

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    14. Re:General VLAN... by __aaclcg7560 · · Score: 1

      Everything in a hospital is critical.

      Not necessarily. No patient will die if the cardboard baler goes on the fritz for a few days and a mountain of cardboard piles up in the trash area.

    15. Re:General VLAN... by bugs2squash · · Score: 1

      why not give the patient some disposable headphones with a mic, airlines can get them cheaply enough.

      --
      Nullius in verba
    16. Re:General VLAN... by Farmer+Tim · · Score: 3, Interesting

      I asked a similar question when my dad was in hospital being treated for an MRSA infection from a previous hospital stay. The answer is a typical telephone has speaker and mic holes, seams and moldings in the case, cutouts around the buttons (if it doesn't use membrane switches, though I haven't seen one like that for years)...lots of places for germs to hide where UV light can't get to them. Wiping down with alcohol isn't effective either.

      Plastic bags muffle sound, add handling noise and make dialling and using the phone in general more difficult. It's a reasonable assumption that a patient is in hospital because they're already impaired in some way (or may be impaired by sedatives, pain killers, etc), so if the phone is more difficult to use than normal it may defeat the purpose of having it there at all.

      And ultimately, they can buy basic handsets in bulk for ~$8 each, which works out cheaper than trying to keep them sterile. It also eliminates the risk of human error such as being incorrectly tagged and accidentally cycled back into use without being sterilized first, and that's a big enough problem with surgical instruments which can easily be autoclaved (many cheaper instruments like scalpels and scissors are also single use these days for the same reason).

      --
      Blank until /. makes another boneheaded UI decision.
    17. Re:General VLAN... by Dishevel · · Score: 1

      I have to wonder though.
      If this is related to the Intel Management Engine exploit. At the moment I have no idea how you can protect from this.

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    18. Re:General VLAN... by jonbryce · · Score: 1

      Prescriptions get sent to the pharmacy in text/xml format, not by a voice call.

    19. Re:General VLAN... by Hognoxious · · Score: 2

      I think it likely also points out the problems with homogeneous systems...centralized systems, and such mandated by the government.

      I'm sure private sector companies all happily undertake the additional expense & complication of developing & running entirely separate systems for each branch/office.

      But remind me, who do you work for?

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    20. Re:General VLAN... by cayenne8 · · Score: 1

      I'm sure private sector companies all happily undertake the additional expense & complication of developing & running entirely separate systems for each branch/office.

      But remind me, who do you work for?

      Actually, in the US until the most recent couple decades or so, that has been precisely the case.

      Of course, one problem was they didn't talk to each other (but keeps from a single source of failure)....

      But before HMO's and bean counters and the like started forcing consolidation, many if not most doctors were independent, had their own offices (hung their shingle out)...and had their own office management and records solutions, usually offered by a number of different companies.

      The only real thing they had to do, was be able to communicate with the insurance companies, with codes to get paid...and with Medicare/Medicade.

      But the US move to force to a standard, electronic medical record...while it has its benefits, opens the door to hackers finding the crack and bringing down many sites, rather than a few.

      I, personally, am not for the push to standardize the medical system to government run/managed....especially not single payer which will really open things up to system take downs, amongst the other problems with such a system as it would happen in the US.

      I shudder to think the govt folks in charge of my medical care will have it as pleasant, respectful and responsive as a typical 2-5 hours wait at the DMV. Yes, I know that's locally run, but the feds aren't much better where they add even more tonnage of red tape and overregulation.

      But I digress.

      But govt in the US, so far, has not been that great at computer/network security, and I really don't see it getting any better any time soon. With a centrally planned and managed US medical system, comes great risk of data loss, and, I fear....the chance of this same type ransomware scheme or worse happening.

      And no, I don't work for any medical computer company.

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    21. Re:General VLAN... by gweihir · · Score: 1

      While I agree with you, the reality is that IT security in the medical area sucks even worse than in other fields. That is the only reason they were hit so badly. As law enforcement seems to be completely useless with regards to this threat, it becomes more and more urgent to remove IT security from the back-burner and recognize it as a mission-critical thing that in addition is difficult to get right.

      Caveat: I do earn my living mostly with IT security these days.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    22. Re:General VLAN... by thegarbz · · Score: 5, Insightful

      A singular system with all information, while providing convenience in many ways, opens itself up to being completely shut down if anyone ever breaks through the always inevitable cracks.

      It's not convenience. Often it is part of a critical operating philosophy. I will wager more lives have been saved by centralising records and administration like this than have been affected by any cyber attack. Ferrying data between isolated systems introduced a tremendous amount of delay and error over the years which has successfully been fatal in many cases.

    23. Re:General VLAN... by __aaclcg7560 · · Score: 1

      Caveat: I do earn my living mostly with IT security these days.

      That's what I do in government IT.

    24. Re:General VLAN... by gweihir · · Score: 2

      Sounds like somebody got himself some steady business bu shady means. Decontaminating phones is not more difficult than doing it for beds, toilets, door-handles, etc. This procedure does not make any medical sense.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    25. Re:General VLAN... by gweihir · · Score: 1

      Ok, with $8 per set, throwing them away is a lot cheaper.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    26. Re:General VLAN... by Grishnakh · · Score: 1

      To get to the IME still requires getting through other layers of security, many of which shouldn't be running on Intel CPUs at all.

    27. Re: General VLAN... by __aaclcg7560 · · Score: 1

      Unless they trip, fall onto the pile, cannot get up, nobody sees them, and they die of dehydration a couple of days later.

      You joke but such situations are not unheard of.

      http://www.nydailynews.com/news/national/s-f-hospital-orderly-stepped-woman-patient-discovered-dead-report-article-1.1492552

    28. Re: General VLAN... by Ash-Fox · · Score: 1

      The NHS is horribly decentralised and connected to each practice via ad-hoc methods... Even payroll isn't centralised throughout the UK for the NHS. I don't see how this is an example of centralisation like you make it out to be.

      --
      Change is certain; progress is not obligatory.
    29. Re: General VLAN... by Ash-Fox · · Score: 1

      A fair few NHS institutions don't even have a windows domain. I don't know why you think it's centrally managed, each practice can be completely different from another in IT setup.

      --
      Change is certain; progress is not obligatory.
    30. Re: General VLAN... by Ash-Fox · · Score: 1

      They don't use Windows exclusively either.

      --
      Change is certain; progress is not obligatory.
    31. Re:General VLAN... by ghoul · · Score: 1

      I am sure you follow what you preach in your own life. Instead of living in a house with Bedrooms, Living rooms , Kitchens and Batrooms you live in a collection of one room dwellings each with its own door and lock. After all you would not want to compromise the safety of your kitchen by letting anyone who gets past your front door to enter your kitchen?

      Their are good reasons for integration and we have known that for hundreds of years - ever since we stopped using outhouses and started using indoor plumbing.

      --
      **Life is too short to be serious**
    32. Re:General VLAN... by cayenne8 · · Score: 1

      I am sure you follow what you preach in your own life. Instead of living in a house with Bedrooms, Living rooms , Kitchens and Batrooms you live in a collection of one room dwellings each with its own door and lock. After all you would not want to compromise the safety of your kitchen by letting anyone who gets past your front door to enter your kitchen?

      Err...please come up with a better analogy.

      My kitchen integrity and privacy do not directly affect my living health.

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    33. Re: General VLAN... by Grishnakh · · Score: 1

      Nobody sane would run medical equipment on Windows period. That should be cause for prosecution for attempted murder through extreme negligence.

      If you have some completely non-life-critical application that runs on Windows, you can run it in a VM.

  2. "Ransomware demanded"??? by tlambert · · Score: 2, Funny

    "Ransomware demanded"???

    So wait. They've demanded that 16 hospitals to give them ransomware?

    Isn't the correct business model to give the hospitals the ransomware instead, and then demand ransom?

    Is this an altruistic cyberattack? The hospitals give them the ransomware, which they install, and then they give the hospitals money so that the hospitals will send the the unlock code, and they can then move onto the next hospital?

    I mean, as an approach to medical billing, it's kind of .. disruptive, but...

  3. "Ransomware Demanded" by Cajun+Hell · · Score: 2, Funny

    Don't give it to them! If you give them ransomware, they're just going to use it to start attacking people and demanding ransoms from their victims.

    --
    "Believe me!" -- Donald Trump
    1. Re:"Ransomware Demanded" by fahrbot-bot · · Score: 1

      Don't give it to them! If you give them ransomware, they're just going to use it to start attacking people and demanding ransoms from their victims.

      Hospitals already have their own ransomware. It's call the bill.

      --
      It must have been something you assimilated. . . .
    2. Re: "Ransomware Demanded" by Malc · · Score: 1

      Bzzzt! Wrong! It's the NHS.

    3. Re: "Ransomware Demanded" by fahrbot-bot · · Score: 1

      Bzzzt! Wrong! It's the NHS.

      It's happening in more than just the UK. From TFS:

      Update: BBC is reporting that similar attacks are being reported in the UK, US, China, Russia, Spain, Italy, Vietnam, Taiwan today.

      --
      It must have been something you assimilated. . . .
    4. Re: "Ransomware Demanded" by Malc · · Score: 1

      Bzzt! Wrong again! I was replying to the comment that said: "Hospitals already have their own ransomware. It's call the bill". We don't see any bills in the UK.

  4. terminals not answering back by pigsycyberbully · · Score: 2, Informative

    Not surprised Swiss cheese. NHS malware ransomware terminals not answering back. Ambulance system not reporting incoming patients. Using pen and paper to work out who is in and who is gone home. Unable to answer enquiries about patients. Everything else is working in slow motion not always working. Nationwide.

  5. If the admins were smart... by drew_92123 · · Score: 2

    If they were smart the desktops used to access patient are nothing more than "thin" clients with just an OS that can be PXE booted and re-imaged in short order... and the actual applications that matter would be running in VMs accessed from those clients... and the VMs would have have snapshots to roll back to in case something there gets screwed up...

    Then again, if they were smart, they never would have connected systems used for patient care to the internet in the first place... all internet access would have been done through VM jump boxes and would have been protected by a properly configured firewall that only allowed HTTPS sessions that originated from the VM and all other traffic to/from the VM would have been dropped... making it nearly impossible for a VM to become infected or for an infected VM to spread malware to other machines on the local network.

    1. Re:If the admins were smart... by Anonymous Coward · · Score: 1

      They're not. The NHS IT infrastructure is a joke. US firms supply systems that never work properly, and yet they're given the next billion £ project without fail. There are millions of machines across the country, each GP office has their own dated PCs, and the networks are flaky at the best of times.

      For all the piss-taking IT smug comments /. will sling, the reality is all systems were shutting down today, phones too. People are being turned away from GP offices and A&E depts. Operations have been cancelled. Prescriptions cannot be given out. Pre-op diagnostics are not available et al.

    2. Re:If the admins were smart... by will_die · · Score: 1

      If the admins have VM snapshots around available for that then they are using snapshots as backup and are majorly stupid and don't understand how VM snapshots work and their purpose.

    3. Re:If the admins were smart... by ghoul · · Score: 1

      Even with firewalled systems malware can get in. The Iranian centrifuge plants were not connected to the internet but the infection got brought in on USB sticks of scientists who wanted to show their colleagues pictures from their daughter's birthday party. Hackers can use social engineering to get across physical barriers

      --
      **Life is too short to be serious**
    4. Re: If the admins were smart... by bestweasel · · Score: 1

      It's spread by email using our old friend, the malicious PDF.

  6. Major cyber attack? by ruir · · Score: 1, Insightful

    It smells more to major incompetence.

    1. Re:Major cyber attack? by citylivin · · Score: 5, Insightful

      "It smells more to major incompetence."

      Oh get off your high horse. We had a ransomware infect one user and then their network drives last fall. We stopped it within 20 minutes but still the damage was done with 40% of their network drive encrypted. The virus scanner (sophos) didnt catch it, email virus scanner missed it too. Was hand targeted for this one particular employee.

      She unfortunately had access to a drive she shouldnt have as well so the attack spread farther than it should have.
      We restored from backup and wiped the machine, but it was certainly inconvenient for a few hours for everyone in that department who lost access to their files.

      The point is that this can happen to anyone so dont get cocky. Every user has write access to SOME files on the network, that is unavoidable.

      I liked this video i saw at a cisco presentation a few weeks back. In theory a good IDS system with integrated agents on the machine and a "nex gen" firewall should halt an attack quickly. But thats a lot of money that many companies won't invest in till its too late.

      https://www.youtube.com/watch?...

      --
      As a potential lottery winner, I totally support tax cuts for the wealthy
    2. Re:Major cyber attack? by ruir · · Score: 1

      Using Windows in production systems and sharing drives across multiple institutions and/or not blocking executables as email attachments in your email system seems the way to go from the guys that brought us ITIL for sure....
      Prevention measures should be in place in several places of the infra-structure, but I realize we are talking about the NHS AND the UK.

    3. Re:Major cyber attack? by herve_masson · · Score: 1

      We all know how AV are useless on those things (and many others)

      Maybe it's time to implement server-side filesystem monitoring and trottle file IO + raising alarms when unusual IO burst occurs.
      Better slowdown/block legitimate trafic than messing huge file collections.

      Easyer to say than to code obviously....

    4. Re:Major cyber attack? by ruir · · Score: 1

      And that is why Checkpoint, Fortinet and others have already services nowadays that capture signatures of potential malware in a worldwide scale and block them at firewall level...
      However we are talking here of big bucks, which should not be problem in this organisation.

    5. Re:Major cyber attack? by mjwx · · Score: 2

      It smells more to major incompetence.

      More like general negligence, who outranks incompetence.

      I work in the UK, several of our customers are banks, they're all going apeshit with requests to find out if they're vulnerable to the same attack. We keep their shit patched so no, but it's making my evening a living hell.

      However I've also worked for several medical clients back in Oz. I'm not surprised this kind of thing can happen. You'd so often see a $1000 PC hooked up to a $350,000 medical scanner. That PC would be running a 5 year old OS because it ran a specific $30,000 piece of software that the scanner required to interpret the raw data. Its not that they didn't want to upgrade the OS or hardware, shit, that's the cheap part. It would be $50,000 to upgrade the firmware on the scanner and $10,000 for the upgrade to the software to get it to run on Windows 7 (at the time, we're talking 2012 here).

      Needless to say, we kept those machines isolated from the general network, preferably not connected at all.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    6. Re:Major cyber attack? by vtcodger · · Score: 1

      It smells more to major incompetence.

      So General VLAN (first post) has been promoted to a staff position and Major Incompetence has been given his old command?

      --
      You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
    7. Re:Major cyber attack? by ruir · · Score: 1

      "The ransomware is using the ETERNALBLUE exploit, which uses a vulnerability in the SMBv1 protocol to infect vulnerable computers left exposed online. Microsoft issued a patch for this vulnerability last March."

    8. Re:Major cyber attack? by ruir · · Score: 1

      Did I hurt the ego of someone that has to post as an AC? Poor you...Send me your address and I will send you a box of tissues and some bonbons.

    9. Re:Major cyber attack? by Zumbs · · Score: 1

      If you read citylivins comment closely, it appears that the employee was sent a targeted phishing mail. Given that most mail servers these days block executables as email attachments, the malware payload could have been delivered as a macro inside a MS Word document, a link to a malicious site or something along those lines.

      --
      The truth may be out there, but lies are inside your head
    10. Re:Major cyber attack? by vtcodger · · Score: 1

      You'd so often see a $1000 PC hooked up to a $350,000 medical scanner. That PC would be running a 5 year old OS because it ran a specific $30,000 piece of software that the scanner required to interpret the raw data. Its not that they didn't want to upgrade the OS or hardware, shit, that's the cheap part ...

      Thanks. I was sure that what you describe was not uncommon, but since I never worked with medical stuff, only happened to have it applied to me from time to time, I didn't bring the subject up.

      Question: If the PC is only there to act as an embedded controller, and it does its job, why should you care what OS or version it uses? If it were a black plastic box with a couple of sockets and a power plug would you care what sort of CPU it had or whether it were running MSDOS, QNX, OS9 or ran by the power of prayer? And why, if you value your sanity, would you ever, even for a second, consider plugging a network cable into it?

      --
      You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
    11. Re: Major cyber attack? by Ash-Fox · · Score: 1

      Does that include windows 2000 patches? I remember the xray machine I was in last, which was networked ao they could pull up the images from other computers was running on Windows 2000.

      --
      Change is certain; progress is not obligatory.
    12. Re:Major cyber attack? by herve_masson · · Score: 1

      Looks like those big buck services won't do the trick for yesterday's attack.

    13. Re:Major cyber attack? by jeremyp · · Score: 1

      Question: If the PC is only there to act as an embedded controller, and it does its job, why should you care what OS or version it uses?

      Because the software that talks to the scanner would have been written for a specific version of a specific OS (most likely Windows) and they can't afford the upgrade.

      --
      All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
  7. Windows? by mspohr · · Score: 2

    Are they using Windows computers for sensitive health information?
    Are they using Windows for mission critical applications? ... morons...

    --
    I don't read your sig. Why are you reading mine?
    1. Re:Windows? by Archtech · · Score: 4, Interesting

      When Tony Blair met Bill Gates in 2006 - after kissing Gates' feet and gushing for a few hours about his supreme wonderfulness - Blair signed up for the super huge mega deal, with all the Windows you can eat. (Small print: security is up to you, mumble mumble mumble...)

      "Mr Gates, the billionaire software pioneer, had just written a book about how IT could transform economies".

      Yeah. Transform them from prosperity to miserable bankruptcy - along with lots of dead and dying patients. And transfer a large slice of their revenue to Bill Gates' bulging pockets.

      Maybe the NHS should call Gates now and ask him to sort out their problems.

      https://www.theguardian.com/bu...

      --
      I am sure that there are many other solipsists out there.
    2. Re:Windows? by Grishnakh · · Score: 1

      Exactly. Why is this not being addressed more? Using Windows for anything critical is just asking to be a victim like we see here.

    3. Re:Windows? by StormReaver · · Score: 1

      Using Windows in a hospital should be enough to get you fired.
      Connecting Windows to a network in a hospital should be enough to get you prosecuted.

    4. Re:Windows? by Anonymous Coward · · Score: 2, Interesting

      Are they using Windows computers for sensitive health information?
      Are they using Windows for mission critical applications? ... morons...

      Yes... they're using Windows XP.

    5. Re:Windows? by mspohr · · Score: 2

      OMG! Complete, absolute morons.
      The management should all be fired.

      --
      I don't read your sig. Why are you reading mine?
    6. Re:Windows? by ghoul · · Score: 2

      This is why countries should not trust US made software. It has backdoors installed for the NSA to sneak in. They would have been better off with Chinese software. It also would have backdoors but it would be cheaper.

      --
      **Life is too short to be serious**
    7. Re:Windows? by thegarbz · · Score: 1

      Transform them from prosperity to miserable bankruptcy - along with lots of dead and dying patients.

      [Citation Needed] More on the latter account because in the former case every country in the world has had an increase in medical costs since 2006 regardless whether or not the mighty BG was involved.

    8. Re:Windows? by gweihir · · Score: 1

      Same morons as almost everywhere else. We have just too many people even in the IT field that know Windows and nothing else. A great success for Microsoft and a huge fail for humanity.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  8. Wannacry 2.0 Ransomware by DigiShaman · · Score: 3, Insightful

    It's been posted online that this is a version of WannaCry v2.0 Ransomware. Apparently it's taking advantage of the SMB exploits that got released last week or so ago. It's probably doing an IP scan inside the LAN from an infected machine, and then attempting to exploit SMB at the other end. That machine gets infected, and so it spreads at an exponential rate. Short version, this is WW III starting level shit!! We'll know soon enough in the next 48 hours around the world

    --
    Life is not for the lazy.
    1. Re:Wannacry 2.0 Ransomware by vtcodger · · Score: 1

      That machine gets infected, and so it spreads at an exponential rate. Short version, this is WW III starting level shit!! We'll know soon enough in the next 48 hours around the world

      Ya know, you have a point there. I'd sort of expected that the first net propagated worldwide IT catastrophe would be in the financial sector. But healthcare is pretty important also. Especially if you are the patient.

      --
      You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
  9. I've come across this virus by AlanRoscoe · · Score: 1

    Nasty virus. I don't think it's possible to decrypt the affected files. I researched a solution but didn't find one. Best thing the bus done was to shut down network until it has been resolved. It only takes an end user to open it via email or whatever and it's activated. Probably Russian.

    1. Re:I've come across this virus by Anonymous Coward · · Score: 5, Funny

      "I've come across this virus. Nasty virus. Really, really bad virus. We're going to stop this virus, and we're going to make Mexico pay for it."

    2. Re:I've come across this virus by ghoul · · Score: 1

      The NSA should be required to provide the decryption services. After all Microsoft left the backdoors for the NSA to get in and the NSA has some of the best decryption tools in the world.

      --
      **Life is too short to be serious**
    3. Re:I've come across this virus by jeremyp · · Score: 1

      It's from the NSA... ... oh wait, I forgot Russia runs the US Government now, so yes, probably Russian.

      --
      All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
  10. Someone is going to have a bad day.... by Computershack · · Score: 3, Insightful

    This is the kind of event likely to get GCHQ involved which could result in someone expecting Bitcoin goodness to have a very unwelcome knock on the door one day.

    --
    I only please one person per day. Today is not your day. Tomorrow isn't looking good either. - Scott Adams
    1. Re:Someone is going to have a bad day.... by Shinobi · · Score: 1

      No, more likely a team of experts in the arts of ungentlemanly warfare will arrange for a series of unfortunate events.

    2. Re:Someone is going to have a bad day.... by ghoul · · Score: 1

      This will probably give a boost to homemade OSes in Russia and China. Not every country has the tech to write their own OS but Russia and China sure do. They already do write their own OSes for military applications. At least with a home made OS you know the backdoors are there for your own National Security Agency to spy instead of the US NSA

      --
      **Life is too short to be serious**
  11. Silly malware peoples by captaindomon · · Score: 1

    When you intend your target to be grandmas or something and then your software accidentally hits a country-wide hospital system. That's when you go from counting bitcoins to having your door smashed down by elite forces at 2:00 in the morning...

    --
    Just because I can hook a shark from a boat, I do no offer to wrestle it in the water.
  12. The Value of Bitcoin???? by 3seas · · Score: 3, Interesting

    is it really that untraceable?

    1. Re:The Value of Bitcoin???? by phantomfive · · Score: 1

      Apparently you can launder it through an exchange and it becomes untraceable. I've never tried this so who knows.

      --
      "First they came for the slanderers and i said nothing."
    2. Re:The Value of Bitcoin???? by bill_mcgonigle · · Score: 1

      is it really that untraceable?

      It takes some computational muscle, but I have no doubt the NSA has the tools.

      But joke's on the perps - the way Bitcoin is now, confirmation times and fees are so high that the hospitals will probably be restored from backup before they get any decryption keys.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    3. Re:The Value of Bitcoin???? by ghoul · · Score: 1

      It probably is traceable but the NSA is not letting it be known. They are probably keeping it in their backpocket to be used when its worth burning that card. This incident may just be worth burning Bitcoin for but we wont know till the NSA decides to. They may decide to still reserve the card for a future threat.

      --
      **Life is too short to be serious**
    4. Re:The Value of Bitcoin???? by ebvwfbw · · Score: 1

      Previous article had a response to that. He runs a bitcoin machine, so can you if you want. Every transaction is sent to every other server in the world. It's traceable if they really want to get you. Thing is, they can find out who you are and then when you come out of your hole, even years later and go through an airport, get stopped on the side of the road, etc... you're cuffed and stuffed. Then the story ends up on slashdot!

  13. Portugal also being hit by Anonymous Coward · · Score: 1

    Portugal Telecom (PT), which is to Portugal what Telefónica is to Spain, has reportedly been hit by the same ransomware.
    Unconfirmed reports of several other companies have surfaced, including at least one bank.

  14. Busy weekend ahead by Bruce66423 · · Score: 1

    Even if this attack is halted soon, it does raise some very pointed questions about resilience in a lot of mission critical systems. CEO phones CIO: 'Are you confident this can't happen to us?' 'Um....'

    There are times I'm grateful I'm retired!

  15. Re:Can you see by fluffernutter · · Score: 3

    Not sure what single payer has to do with this, but it's not like the American healthcare system runs like a well-oiled machine by comparison. In fact, it is probably the most fragmented and disorganized health care system there is.

    --
    Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
  16. Forced health service holds US ransom by micahraleigh · · Score: 1

    Forcing everyone to buy something from the government means people pay their own ransom to the government.

    Except they don't release you after you pay the money.

    1. Re:Forced health service holds US ransom by omnichad · · Score: 2

      This rule does make a profit for shareholders. It's not single-payer insurance, it's either being forced to buy something from a private company or a fine.

    2. Re:Forced health service holds US ransom by AthanasiusKircher · · Score: 3, Interesting

      Indeed. I'd be in favor of single-payer, but Obamacare is an abomination. And I mean that word in the old-school sense of some spawn of things that really shouldn't go together.

      But that's the U.S. government way. We don't have socialism; he have half-assed versions of regulation that really end up funnelling money into the pockets of rich people and corporations. We did it with Fannie Mae and Freddie Mac -- just enough regulation to claim they were pseudo-government entities, but enough freedom to completely blow up the housing market and be bailed out by taxpayers. We've witnessed it with Obamacare -- enough regulation to improve healthcare a bit, but with increased costs and a completely superfluous layer of private corporations whose sole benefit is to stand in the WAY of actual health care, make claims and overhead by health providers much more complex, and skim ~15% off the top. And now we're seeing it with student loans -- no, we don't want to actually provide higher education for everyone, but we'll create this weird loan structure that flows through young uninformed students with prices set by colleges that act more like corporations than educators every day... is it any wonder tuition is out of control?

      That's the great American experiment: see how many ways we can screw over taxpayers by creating "regulation" systems that half-fix problems and provide perverse profit incentives for corporations.

    3. Re:Forced health service holds US ransom by AthanasiusKircher · · Score: 1

      Did I say the crisis was due entirely to them? Nope. Read what I wrote. They are quasi-governmental organizations that pretend to be independent when it suits them and then got out of control and needed massive bailouts. Half-assed regulation systems that pretend to be part of the government are often worse than either alternative (I.e. independent businesses with less direct government role or full-scale government takeover of that function).

    4. Re:Forced health service holds US ransom by AthanasiusKircher · · Score: 1

      Woah -- calm down, buddy. I don't actually generally support socialist solutions to most issues. I actually don't think single-payer is ideal, but it'd be better than our current mess. Alternatively, the other solution would be to go to the other way and encourage actual payment for health care in everyday non catastrophic situations and reserve insurance for what is ACTUALLY "insurance" in just about any other situation, i.e. for catastrophic events and things that can't be reasonably planned for. What we have is the worst of both worlds AND a bunch of third-party middlemen who add nothing to everyday healthcare skimming off the top. Meanwhile, actual healthcare costs are obscured and basically unavailable to consumers in advance, driving costs to go out of control. So make the hard choice: either require people to actually PAY FOR CARE and create a real market where actual costs are seen and can be controlled through market economics OR shut the whole thing down and do single-payer. What we have now is just a way to keep propping up an irrelevant "insurance" system that's completely dysfunctional.

  17. Is it time by fredrated · · Score: 1

    to start hanging the people that produce this crap?

    1. Re:Is it time by ruir · · Score: 1

      Hang people that use Windows in Mission Critical systems, and you kill two birds with one stone.

  18. And a big thank you very much to the NSA by Eunuchswear · · Score: 3

    Several experts monitoring the situation have linked the infections to vulnerabilities released by a group known as The Shadow Brokers, which recently claimed to have dumped hacking tools stolen from the NSA.

    --
    Watch this Heartland Institute video
    1. Re:And a big thank you very much to the NSA by Sir+Holo · · Score: 1

      Several experts monitoring the situation have linked the infections to vulnerabilities released by a group known as The Shadow Brokers, which recently claimed to have dumped hacking tools stolen from the NSA.

      This is a global demonstration of why "Security through obscurity" and "NSA back-doors" are a very, very bad idea. I can't even imagine of a clearer demonstration.

      Too bad the political response will not be to do draconian things, rather than instituting open code reviews and such. Those NSA spooks like to have their little secret treasures, even if that endangers everyone in the world with an internet connection.

    2. Re:And a big thank you very much to the NSA by Sir+Holo · · Score: 2

      Thank you NSA for developing this exploit for the ransomware hackers to use.

      The US NSA are to blame for this global (dozens of countries) IT clusterfuck. I wonder how the leaders of all of those other countries are feeling about the US right now...

    3. Re:And a big thank you very much to the NSA by Eunuchswear · · Score: 2

      You, like the NSA, seem to have forgotten that part of the NSA's job is defence. That they knew of these vulnerabilities and didn't work with microsoft to fix them is a failure of that job..

      --
      Watch this Heartland Institute video
    4. Re:And a big thank you very much to the NSA by Sir+Holo · · Score: 1

      Why is the NSA more to blame for using it and keeping it secret then Microsoft is for creating it, profiting from it, refusing to fix it, and keeping it secret?

      MS bears lots of blame, of course. But it was the NSA who not only discovered the exploit, but turned it into a weapon, complete with instructions.

  19. Re:Can you see by beelsebob · · Score: 1

    Well, given that this affects non-single payer nations too... no.

    http://www.bbc.com/news/techno...

  20. GCHQ made a very unfortunate tweet at same time by Martin+S. · · Score: 3, Informative

    "It's a good job we're better at keeping Britain safe than writing limericks⦠#NationalLimerickDay"

    https://twitter.com/GCHQ/statu...

  21. I would not ... by Martin+S. · · Score: 1

    I would not bet your freedom against GCHQ.

  22. NHS Digital by Martin+S. · · Score: 1

    NHS Digital is national patient administration system, it is bold in scope and vision but with a history of expensive failure and delays caused by miss-management by practically every major IT consultancy that exists. I never worked on it myself but know many colleagues that have and non have ever had a good word to say about it.

  23. IT Governance not Technical failure by Martin+S. · · Score: 1

    This should be all but impossible on a competently managed system, it should not be able to proliferate to this extent on computers in a controlled environment. The scale of this attack is troubling. The fact that this could happen is not a single failure, it is major failure of IT governance. Layering controls in platform and process with should prevent a single technical or human failure compromising the whole system like this. The compromise should always be localised. This is a governance and senior management responsibility and failure. If they knew this was a problem they failed and if they didn't they failed.

    1. Re:IT Governance not Technical failure by ruir · · Score: 3, Funny

      Beautiful, have you ever considered a career in politics?

  24. Re:Who Cares? by Thud457 · · Score: 1

    "A Comey off your hands is worth a Spicer in the bush"

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  25. Why is it? by gregarican · · Score: 3, Interesting

    The biggest worms, trojans, etc. all hit Windows? Rhetorical question, so no jesting or serious responses requested :) But this one looks to be fairly sizeable. Plenty of European telecoms, and other industries hit so far today. Even read reports of FedEx's Memphis hub instructing employees to power off those PC's.

    Here's a map --> https://intel.malwaretech.com/.... The ironic thing is that these are far from true 0-day exploits. Patch was released for this in March. Regardless of your organization size, testing and rolling out patches shouldn't be that difficult. Given it's been a few months. This is speaking from a person who's been a cog in the wheel at larger US organizations as well as supported smaller places...

    1. Re:Why is it? by Sir+Holo · · Score: 1

      The biggest worms, trojans, etc. all hit Windows? Rhetorical question, so no jesting or serious responses requested :) But this one looks to be fairly sizeable.

      NYT noted up to 74 countries reporting having been hit.

      Serious answer: MS puts out patches all the time. In institutions with multi-million $$ equipment, or life-critical equipment, avoid patching if at all possible. Such equipment is designed for a couple of decades of service or more. The computer-interface card might only have drivers up to Windows XP. Applying a MS patch could be either impossible, or if you run Win 8.1, say, something to be avoided. MS security patches are notorious for bricking expensive equipment, which stay bricked until the manufacturer (if still in business) updates the driver for its interface hardware.

      Smart institutions would like to air-gap the expensive instruments, but huge data-flows makes that infeasible. The only workable implementation is to hide them behind an intermediary Linux box having two Ethernet cards, to hide the instrument's computer from the network. Prudent configuration of the Linux box is recommended.

    2. Re:Why is it? by gregarican · · Score: 1

      Okay I guess I did ask for it when I mentioned the rhetorical question. The MS security patches being notorious for bricking expensive equipment reference. Any somewhat recent and significant examples? Reason I'm asking is because I've sysadminned Linux servers going back to around 1997. And in parallel sysadminned Windows servers going back to NT 3.51.

      When it comes to MS security patches bricking equipment, if you are talking about servers the last time I recall a major SNAFU was NT 4.0 Service Pack 6. That's why SP 6a was rolled out pretty damn quick afterward. Seeing it basically broke the TCP/IP stack for most unfortunate early installers. I was one of them and that left me gunshy for a few years in terms of patching too soon.

      For the past 3-4 years I've had all Windows-based business clients running Windows 7 Pro. And all servers running Windows 2008 R2 and nowadays Windows 2012 R2. All important and critical level Windows Updates roll out automatically after hours weekly to the clients. And I manually update the servers once a month. Haven't run into a single case of anything bricking, not updating, BSOD'ing, etc. For 3-4 years.

      I understand that large organizations need change control, test beds, implementation schedules, blackout schedules, etc. but even then leaving things hanging for several months is bad practice. Regardless of which platform you maintain and support. As I said, I've adminned Linux as well going back 20 years. When I see the IoT exploits hitting old Linux-based revisions running on cable modems, security DVR's, etc. it's a similar oversight. Those old, vulnerable packages should've been patched by the hardware vendors and/or been addressed by the local sysadmins if patches were released.

      As for Windows 8.1, Windows 10, etc. running on the clients, agreed, there are plenty of update horror stories in the wild. But then again what business environment would consider running them? As bad as running Windows XP in terms of the why? And yes, Windows 7 can run 99% of Windows XP applications as far as I know...

    3. Re:Why is it? by Sir+Holo · · Score: 2

      Okay I guess I did ask for it when I mentioned the rhetorical question. The MS security patches being notorious for bricking expensive equipment reference. Any somewhat recent and significant examples?

      2008 or so. A pushed Windows update bricked ALL Oxford-brand EDS systems globally for a couple of days. A driver update for the interface card fixed it, but it took time. What is an EDS? It's an analytical tool that allows chemical analysis in electron microscopes. Every university has several. Every big company, especially in tech, has tens of them (or 100's if you're Intel). The EDS systems would not work, preventing not only day-to-day use of this basic analysis-lab capability, but also mission-critical needs to use it.

      I was in the satellite industry at the time, and can tell you that in this industry, delay of a rocket on-the-launchpad costs about $3–5 million per day. We didn't have an emergency to cover at the time, fortunately, but day-to-day work was impossible. Not only that, but our time was wasted trying to fix the problem. A lot of PhDs the world-over wasted probably 12 hours each trying to figure out why things had suddenly stopped working. Staff scientists' time costs about $150/hr (w/overhead). Multiply that by thousands, or tens of thousands, of PhDs wasting their time thanks to MS auto-pushing out an under-QC'd service pack/update/patch. I am still stunned that a class action lawsuit did not ensue.

    4. Re: Why is it? by gregarican · · Score: 1

      That sounds like a complete disaster! I can't imagine the time, expense, and repercussions that resulted. When it comes to specialty equipment with not off-the-shelf hardware I definitely wouldn't put into auto-update mode. Regardless of the calendar year or relative maturity of Microsoft's OS version.

      Servers I manually update after a test run. Most are standardized in terms of hardware. Clients that do auto-update are all vanilla with no oddball hardware involved. The handful of proprietary hardware type clients I have are indeed a more manual effort. Treated like servers really in a lot of ways. Ensuring the hardware vendor has ensured support for the OS update, ensuring the vendor's drivers are already at the latest recommended version, ad nauseam.

      Example of back-assward vendors would be ShoreTel VoIP servers. The vendor doesn't even recommend running ANY Windows Updates on them?!

      Although in the Linux world I can't imagine that distro updates haven't proven incompatible with certain hardware vendors, right? Plus Microsoft or any OS vendor cannot guarantee that their updates are compatible with every hardware vendor's components. Not to mention if the driver versions aren't at the latest supported. If the hardware vendor shut down years prior then that points to the need for replacing the orphaned platform, right?

    5. Re: Why is it? by Sir+Holo · · Score: 1

      That sounds like a complete disaster! I can't imagine the time, expense, and repercussions that resulted. When it comes to specialty equipment with not off-the-shelf hardware I definitely wouldn't put into auto-update mode.

      The first thing I do when I am charged with such an instrument is to go turn auto-update OFF.

      The first thing I do when I use someone else's system is to ask them if they have auto-update turned OFF.

      I have plenty more first-hand experience. Aside from the above, I had a 24-hour scan on an instrument (= $$$$) lose all of my collected data because the stupid vendor (Bruker) failed to turn auto-update OFF. The computer restarted in the middle of the night, and did not bother to save any of my data from the very-delicate scan. Pus all calibrations were lost, since the computer rebooted with the instrument in a state that it did not record. We had to waste a few hours with Bruker on the phone in order to get the thing to recognize where all of its fiducials and zero-points were. And if I recall correctly, we did not have Admin rights on the computer, but at least a Bruker tech was wise enough to just tell it to me so that I could turn auto-update OFF.

      Another system at the same lab ran on DOS. The maker of the specialty hardware (the only one that made the specific thingamajig to do the specific thing) was long out-of-business. Their interface card ran only on DOS 3.1 or 6, and only on a specific make, model and brand of some specific 386 computer! It was uncommon, so the guy in charge of it had to stockpile spare parts for the particular computer, for when the mobo or whatever died. Yes, DOS. Did I mention that this was in 2005? There was no alternative source. I asked the guy, "What if the interface card fails?" His answer was, essentially, "Then we are fucked." I won't say where this was, but it was an institution that produced a standard-reference series of data and books that everyone in my field knows and uses. Talk about dangling from a thread!

  26. No, It is just MS Windows on the Internet by atrimtab · · Score: 1

    Windows is not safely usable on the Internet.

    It's not incompetence by the administrators. They cannot fix a binary blob of vulnerable proprietary code.

    24 years after Windows 3.0 with Trumpet tcp/ip stack Windows continues to be the easiest platform to attack successfully. This will not change until Microsoft becomes financially responsible for their poor security design.

    I worked at an ISP for many years. We always used open source software, so we could fix issues ourselves. That was a hell of a lot better than waiting on hold for support that likely does not have a solution yet.

    While customers using infected MS Windows systems were our #1 support tar pit.

    On the Internet, Microsoft Windows is unsafe for any need.

    --
    Facebook is billions of individual "Skinner Boxes." And if you use it you are the pigeon!
    1. Re:No, It is just MS Windows on the Internet by ruir · · Score: 1

      I managed an ISP too...while we used open source, I also took the initiative to block several ports NetBIOS/others and SQLServer.
      Once an unhappy customer complained and changed the SQLServer instance to another port for an app in another country to write to it, after being told by us that the properly way to do it was a VPN and we could assist with that, in less than two weeks they were hacked/infected by a bot, and ripe with malware in the internal network that used the SQLServer as an entry point.
      As you said, our field teams took much of the brunt of dealing with customers and doing the first line of support for Windows customers; when inspecting their reports I would say 80% of them were cleaning viruses from Windows machines.

  27. If you think critical infrastructure is protected by ffkom · · Score: 1

    think again - because for saving a penny, companies (including those running hospitals) will sacrifice everything.

    Just to give you one example from the banking industry: I only recently learned that hundreds of banks allow a 3rd-party vendor of some dubious "sentiment analytics" to inject "widgets" into their banking home page, which they welcome because they are served for free - paid by advertisements the 3rd-party injects alongside their data into those HTML widgets.

    Can you believe it? They voluntarily invite the number one vector for trojan software - malvertisement - into their "official" banking home page, just because "it is for free"! And that is the attitude which makes this century a golden age for cybercrime.

  28. Re:Can you see by ghoul · · Score: 1

    The Medical IT in America is so fragmented and confusing that even hackers give up as its too confusing. Its not also well integrated. The reason Americans pay 3 times other developed countries is Doctor's offices are employment generation schemes with receptionists, medical billing specialists, nurse's assistnats and what not. Many time the only way to take records form one doctor's office to another is print it out, hand carry it and have the new office type it back in. Not an environment easily hacked. Its already running as inefficiently as it can. No hack is going to slow it down.

    --
    **Life is too short to be serious**
  29. Submarines have windows by Martin+S. · · Score: 1

    The four Vanguard-class ballistic missile submarines provide the UK's entire nuclear deterrent. ...
    The four submarines have just one critical flaw: They all run Windows XP.

    http://www.popularmechanics.co...

  30. Re:Attacking hospitals is really bad. by gweihir · · Score: 1

    This was not a targeted attack. In fact, the creators may even have assumed that hospitals would have better IT security (not worse) than anybody else and hence this was not a risk.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  31. I am saddened to see my comment market "troll". by tlambert · · Score: 2

    I am saddened to see my comment market "troll".

    Other than a comment, there is no alternate channel with which to communicate errors in headlines or story summaries. The comment gets made, with humor, the headline gets fixed, and then the comment gets demoted.

    This wouldn't be bad, if there were some way to direct message the editor for the headline and story summary in question, with having to leave a public comment in order to communicate their error.

    At least my comment was made with good humor, rather than with name-calling.

  32. Re:Can you see by fluffernutter · · Score: 1

    Except 'not well integrated' usually means 'we have to connect as much as possible to the open internet as a last resort so we can do anything'.

    --
    Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
  33. Doh by Martin+S. · · Score: 1

    Perhaps you should learn the difference between governance and government.

  34. Write a virus = risk your life by KayakFun · · Score: 1

    I would certainly hope this virus will also affect certain criminal organisations who will be so pissed off that they will put a price on the heads of these virus writers.

    There are virus writing kits around which make it easy to release these viruses and before it becomes a hobby of 16-year olds someone should set an example.

    BTW: what is the maximum sentence a virus writer can get? Does it depend on how much damage it caused? Or can you go to jail for owning a virus writing kit and not using it (yet)?

    What would deter virus writers? 5 years in jail without access to a computer?

  35. Re:Attacking hospitals is really bad. by KayakFun · · Score: 1

    If you write an un-targetted virus, you must assume it will hit everything. Also life-saving institutions and machines. Which makes you a terrorist and possibly a murderer.

    "Sorry judge, I did not mean to bring down all hospitals in the world, and causing more than 100 dead. I was only playing around with a virus construction kit and then my cat stepped on the Send button."

    or...

    "Please don't kill me, I did not mean to bring down your criminal computer network. (followed by the sound of a gunshot)"

  36. National security demanding access causes this by KayakFun · · Score: 1

    The fact that NSA and other government agencies demand a backdoor in propriatry OS and programs or create one to spy on us is the real problem.

    Open source is the answer. I was hit by a Windows virus in 1995 and switched to Linux after that.

  37. Re:Attacking hospitals is really bad. by gweihir · · Score: 1

    While I agree, this was still not a targeted attack and the hospitals hit share a large part of the blame. One thing is that MS fixed this about 2 months ago, so why did they not patch? And running XP networked these days in a hospital? I cannot imaging negligence getting more gross.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  38. Re:Attacking hospitals is really bad. by KayakFun · · Score: 1

    They may have medical equipment that is connected to a serial port and only has a WinXP driver. The lifecycle of such hardware is a lot longer than typical PCs.

    In a company I worked we ended up quarantaining the hardware that needed WinXP because of other measuring hardware, and migrated the rest to Win7. After that only the Win7 PCs were allowed on the internet.

  39. Re:Attacking hospitals is really bad. by gweihir · · Score: 1

    I know that. But whoever designed and bought that equipment knew _back_ _then_ that XP will not get security patches at some point anymore. That is gross negligence or intent right there. And running this equipment non-quarantined today is just the same.

    To me it seems that the NHS had XP machines just normally connected to their LAN, no firewall, no separate network, nothing.

    I know that the attackers have a large share of the blame, but they are most certainly not the only ones here.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  40. Increase website security and updates! by Kentuckymike · · Score: 1

    WannaCry Ransome Maleware Attack is constant thread. According to the statistic over 99 countries are already victim for this attack. And some new countries have been added too. However, it's the time to recover this situation and get out ourselves from 'WannaCry Ransome Maleware Attack'. We should increase Windows Security and Updates via command line. https://wuinstall.com/ is the helping hand. This can update your Windows Security and can give you access to Admin panel.