Slashdot Mirror
Cyberattack Hits England's National Health Service With Ransom Demands (theguardian.com)
Hospitals across England have been hit by a large-scale cyber-attack, the NHS has confirmed, which has locked staff out of their computers and forced many trusts to divert emergency patients. The IT systems of NHS sites across the country appear to have been simultaneously hit, with a pop-up message demanding a ransom in exchange for access to the PCs. NHS Digital said it was aware of the problem and would release more details soon. Details of patient records and appointment schedules, as well as internal phone lines and emails, have all been rendered inaccessible. From a report: "The investigation is at an early stage but we believe the malware variant is Wanna Decryptor. At this stage we do not have any evidence that patient data has been accessed. We will continue to work with affected organisations to confirm this. NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and to recommend appropriate mitigations. "This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors. "Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available." NPR adds: The problem erupted around 12:30 p.m. local time, the IT worker says, with a number of email servers crashing. Other services soon went down -- and then, the unidentified NHS worker says, "A bitcoin virus pop-up message had been introduced on to the network asking users to pay $300 to be able to access their PCs. You cannot get past this screen." The attack was not specifically targeted at the NHS and is affecting organizations from across a range of sectors, it appears. The report adds: Images that were posted online of the NHS pop-up look nearly identical to pop-up ransomware windows that hit Spain's Telefonica, a powerful attack that forced the large telecom to order employees to disconnect their computers from its network -- resorting to an intercom system to relay messages. Telefonica, Spain's largest ISP, has told its employees to shut down their computers.
Update: BBC is reporting that similar attacks are being reported in the UK, US, China, Russia, Spain, Italy, Vietnam, Taiwan today.
Update: BBC is reporting that similar attacks are being reported in the UK, US, China, Russia, Spain, Italy, Vietnam, Taiwan today.
Sounds like the General VLAN got hit. Critical medical systems should be on a separate and restricted VLAN. I'm a bit surprised that VOIP phones weren't isolated from this.
When Tony Blair met Bill Gates in 2006 - after kissing Gates' feet and gushing for a few hours about his supreme wonderfulness - Blair signed up for the super huge mega deal, with all the Windows you can eat. (Small print: security is up to you, mumble mumble mumble...)
"Mr Gates, the billionaire software pioneer, had just written a book about how IT could transform economies".
Yeah. Transform them from prosperity to miserable bankruptcy - along with lots of dead and dying patients. And transfer a large slice of their revenue to Bill Gates' bulging pockets.
Maybe the NHS should call Gates now and ask him to sort out their problems.
https://www.theguardian.com/bu...
I am sure that there are many other solipsists out there.
"I've come across this virus. Nasty virus. Really, really bad virus. We're going to stop this virus, and we're going to make Mexico pay for it."
Oh get off your high horse. We had a ransomware infect one user and then their network drives last fall. We stopped it within 20 minutes but still the damage was done with 40% of their network drive encrypted. The virus scanner (sophos) didnt catch it, email virus scanner missed it too. Was hand targeted for this one particular employee.
She unfortunately had access to a drive she shouldnt have as well so the attack spread farther than it should have.
We restored from backup and wiped the machine, but it was certainly inconvenient for a few hours for everyone in that department who lost access to their files.
The point is that this can happen to anyone so dont get cocky. Every user has write access to SOME files on the network, that is unavoidable.
I liked this video i saw at a cisco presentation a few weeks back. In theory a good IDS system with integrated agents on the machine and a "nex gen" firewall should halt an attack quickly. But thats a lot of money that many companies won't invest in till its too late.
https://www.youtube.com/watch?...
As a potential lottery winner, I totally support tax cuts for the wealthy