NHS computer systems hacked!?

Glaucus · 12 May 2017 at 23:22

Feek said:
Irrelevant. MS still provide patches for some businesses. I don't know for sure if the NHS are one of those but I heard something earlier today which suggests they are.
Apart from which, this is affecting other versions of Windows as well, even those fully patched. It's not just the NHS running XP who are victims.

it was patched back in march, so if you have a fully patched system then you will be fine, what OS' that's patched on I don't know.
edit - patched all the way back to vista, so just xp and before are vulnerable, unless the update wasn't applied.

Rroff · 12 May 2017 at 23:22

Glaucus said:
how a I doing that, I'm well aware it takes ages and costs a lot, hence I said it would take like a decade. but we need to start. It is not acceptable in this daty and age that companies are allowed to do it because of historic penny pinching. Bad now, Imagine in a decade when pretty much everything is automated/computer controlled.

The reality of what you are suggesting could easily bankrupt many a company, especially in current economic circumstances, unless the government was to step in and provide some resources/money :s while I'm sure there is some penny pinching many genuinely do have constraints as to when the money is available for it.

jimjamuk · 12 May 2017 at 23:22

Rroff said:
This is just the tip of the iceberg compared to what the whole snooper's charter thing could unleash :|

A backdoor in this case would allow you to get back into the files - so actually a good thing in this case (although a bad thing overall in regard to privacy)

asim18 · 12 May 2017 at 23:23

Usual windows 10 fanboys trying to use this story to big up windows 10.

This virus would have done the same thing on any operating system. No? Windows 10 doesnt magically stop people opening email attachments.

Also, windows 10 is a virus itself its not surprising smarter corporate customers who want to maintain full data and security integrity want nothing to do with windows 10. Just look at that recent win10 backdoor that got exposed which didn't even affect win7.

Glaucus · 12 May 2017 at 23:23

jimjamuk said:
But once you start and it takes 10 years - the initial apps developed will be 10 years old when you get back round to sorting them out again

no, because companies would keep it upto date as there is now a law which punishes them. Its only when you spend no money for many years and you lose the expertise and things become multi generations out of date there is an issue.

Caged · 12 May 2017 at 23:24

Feek said:
Apart from which, this is affecting other versions of Windows as well, even those fully patched.

Where are you hearing that from? Everything I've seen that is analysing this attack is saying that the vector is the SMBv1 exploit patched in MS17-010.

opethdisciple · 12 May 2017 at 23:24

This was recently patched as of the last patch Tuesday. (According to what I just read)

Feek · 12 May 2017 at 23:25

Caged said:
Where are you hearing that from? Everything I've seen that is analysing this attack is saying that the vector is the SMBv1 exploit patched in MS17-010.

If that's definitely the case then I apologise - I was sure I read something earlier where someone said they had a Windows 10 box, fully patched and up to date that had this on. I can't find it though.

Glaucus · 12 May 2017 at 23:26

Feek said:
If that's definitely the case then I apologise - I was sure I read something earlier where someone said they had a Windows 10 box, fully patched and up to date that had this on. I can't find it though.

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Rroff · 12 May 2017 at 23:26

jimjamuk said:
A backdoor in this case would allow you to get back into the files - so actually a good thing in this case (although a bad thing overall in regard to privacy)

If the whole snooper's charter goes ahead in anything like the form its being pushed there are going to be some hard lessons learnt unfortunately a lot of innocent people will probably suffer first - today's events should give some insight but unfortunately it will likely also be ignored.

jimjamuk · 12 May 2017 at 23:27

Caged said:
Where are you hearing that from? Everything I've seen that is analysing this attack is saying that the vector is the SMBv1 exploit patched in MS17-010.

but knowing IT Operational departments - they arent always bang up to date patching wise - for some theres a whole testing cycle before actually being deployed to live kit and this one still might be queued so some out there if it was only March

Feek · 12 May 2017 at 23:28

Glaucus said:
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Thanks. I've edited my post.

Glaucus · 12 May 2017 at 23:29

jimjamuk said:
but knowing IT Operational departments - they arent always bang up to date patching wise - for some theres a whole testing cycle before actually being deployed to live kit and this one still might be queued so some out there if it was only March

but again, risk assed. Should have been pushed to top of the que and rushed. But they don't seem to risk asses anything, we haven't implemented patches straight away for ever and we haven't been prosecuted so carry on. Its no wonder that it is a huge issue and is growing rapidly. Laws and companies need to catch up.

this was classed as a critical update. It was a know explot out in the wild, As NSA hacking software used the exploit and that software was leaked.

Nasher · 12 May 2017 at 23:29

jimjamuk said:
but knowing IT Operational departments - they arent always bang up to date patching wise - for some theres a whole testing cycle before actually being deployed to live kit and this one still might be queued so some out there if it was only March

Microsoft don't exactly make patching easy or reliable for internal networks either.

jimjamuk · 12 May 2017 at 23:29

Rroff said:
If the whole snooper's charter goes ahead in anything like the form its being pushed there are going to be some hard lessons learnt unfortunately a lot of innocent people will probably suffer first - today's events should give some insight but unfortunately it will likely also be ignored.

But todays event proves the power of encryption which is the opposite of what worse case snoopers charter would be?
Just fire up a VPN

Rroff · 12 May 2017 at 23:30

Feek said:
Thanks. I've edited my post.

Initial vector wasn't Windows 10 but looks like some Windows 10 systems have subsequently been affected - not really sure details.

Caged · 12 May 2017 at 23:30

This is all straying a bit far away from discussion on the issue and into the realm of armchair-CIOs or just plain incorrect assumptions being made. Have a read through this page and the linked Twitter feeds/Tweets if you're interested on a technical level.

https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168

Nasher · 12 May 2017 at 23:31

jimjamuk said:
But todays event proves the power of encryption which is the opposite of what worse case snoopers charter would be?
Just fire up a VPN

If they weaken encryption attacks like this would be even easier. If you make a backdoor in to anything, anyone can use it.

Rroff · 12 May 2017 at 23:31

jimjamuk said:
But todays event proves the power of encryption which is the opposite of what worse case snoopers charter would be?
Just fire up a VPN

Proves the dangers from the fallout of systems being compromised facilitated by weakened encryption.

malachi · 12 May 2017 at 23:32

Hang on!! So this has come up because they are all still using XP??? Well...that says it all then.

They have been warned over time to upgrade their system and unfortunately it takes something like this for them to realize how vulnerable they are using XP in 2017.