NHS computer systems hacked!?

I've rather mixed feelings about that - ultimately if they do discover such flaws they have to bear some responsibility for what they then do with that - but at the end of the day these are spy agencies - to a certain extent they need some leeway on things like this to do their job.

Unless I feel more at risk from them not having such tools than I do from such vulnerabilities remaining open, then their gain is my loss. I'd put the risk of criminals using such vulnerabilities at much greater risk than me being blown up by a terrorist because the NSA had found an exploit closed.


Besides, they seem to use such capabilities for spying on us and destroying Iranian centrifuges, more than anything else. I'm far more afraid of my government than I am "terrorism".
 
There is a terrorist in the Irish Government.
 
To say I'm extremely angry over all this is a huge understatement. I was in the Middle East working on IT systems last week when it broke on the news.
To be honest, I nearly flew back home the next day. This was waiting to happen! It's senior execs and top level IT directors. Seriously, some people need to lose their jobs. When local services are closing and sending staff home, someone needs to go! It's that age old saying isn't it, rubbish people either get fired or promoted.

They will say its roots are based in cost savings, I say they waste money and are not intelligent.

The NHS has thousands of client devices, not enough well trained IT engineers, poor platforms, poor services, poor processes, poor everything.

If you can't afford to look after your environment you have the wrong environment.

Sky News have just said IT Managers are struggling to understand the scale of this. If so, they need sacking as well.

I bet 90% of their clients are unpatched XP machines running Office 2003. Windows XP launched in 2001. They will argue they can't afford to spend £500 per machine plus the resources required to replace them. What year is this, 2006! Do they run weekly reports showing percentage of clients unpatched? If not, why not? If they do, what are they doing about it? Don't tell me "we don't have enough time", "we don't have enough people", "not my job", "nobody told me to do that". Heard it all before. If you can't do it, use NAP and stick all the nasties in another VLAN. Who cares who shouts, at least you're safe.

I've just replaced 800 Windows machines for £44k...there's no excuse

So tomorrow I go into a board meeting at 9am to discuss the outbreak. We're fine, a few years ago we probably wouldn't be, but with an IT department of less than 12 supporting thousands of client devices.....we soon moved to zero terminals and beefed up the data center. Now the IT engineers patch the servers and the clients are bullet proof. Cheap to buy, cheap to run, cheap to support. Where companies require Windows desktops like the companies I advise in the Middle East, we do something different but always safe. You can't carry on running old operating systems which are unpatched.

And if you do get a nasty in, are your policies good enough to get your network back up and running as it was before within 24 hours?

There is a part of me that is kinda glad this happened, what a wake up call....will anybody listen...who knows.

When I was working in the NHS about fifteen years ago, I was involved in the procurement process for a new IT support company for our PCT. (Primary Care Trust - a regional organisational body in the NHS). At the time the PCT had an internal IT support staff. I came into the process in an "advisory" capacity as a representative on behalf of the practices themselves because I knew a number of the practice managers and they knew I was highly technical and I had gotten into a lot of conversations with them about it. Anyway, long story short, I ran some basic numbers and showed that it would cost LESS if they just hired more staff internally to do the IT support and continued as we were but with increased capacity. This was immediately rejected and the reason was - and this was actually said in front of me in the meeting - by outsourcing it, responsibility for any failure wouldn't fall on the PCT but on the outsourced company. They weren't concerned with whether it succeeded or failed, they were concerned with whether they had a bit of paper saying it was somebody else's fault.

The new outsourced company was brought on board. They didn't contribute their own tech support staff. Instead they allocated expensive proto-tablet devices to each of the existing PCT tech support staff that went beep when a new ticket came in and told them which practice they needed to go to. Also, they answered the phones now instead of practices getting directly through to the PCT tech support staff. The new company merely took details of the problem and then gave a garbled version to the tech support. And then usually called you back to ask you what you meant because they hadn't gathered enough detail for the techies. People on both sides rapidly started bypassing the company for the very simple reason that it was the most efficient way to get things done - for both parties! The outsourced company was rude, clueless and their own ticketing system didn't seem to work. Their reach exceeded their grasp by a considerable margin!

So the upshot of all this was that the poor practices went from a system where there were three competent but somewhat overworked techies keeping everything running, to a system that for the price of two more full-time techies, left them the exact same number of people doing the actual support but with an added layer of inefficient management on top that everyone was supposed to go through but which people hated doing.

However, the people who appointed the company were happily able to blame the outsourced company for not delivering efficiently. It didn't matter that they'd been told this would happen. It mattered that they didn't have to take the risk of running and failing something themselves.
 
lots of text

Isn't it interesting we have so many similar stories to tell.

The reason I was in the Middle East last week was due to a company ending their IT contract with an external provider. £100,000 per year and they did literally nothing! And I do mean nothing. I was over there looking into the systems to give a detailed health report.

Three years with no tape drive working for starters! The disk array only had 1TB of backups on
Server room at almost boiling point (50 degree heat in August) - server fans at 100%, blade failed after it cooked itself
8 blade chassis connected to an off the shelf UPS (building power supply dropped at least twice a week)
FSMO roles on a server removed 2 years ago
Firewall with any/any allow rule
Staff downloading torrents (found a Harry Potter boxset lol)

The list was endless, but again......the blame would always be towards the provider. The reality is very different though as we all know. The person who gets blamed is whoever gave the contract to the provider.
 
Well you just said 800 Windows machines?

Even if they didn't, 55 quid seems like pure BS. I would have thought at best 200-300.

So inform us of the spec?

I said I replaced 800 Windows machines, not bought 800 new ones.

For those cash strapped companies, it's a good solution and a cost effective way of binning Windows XP so long as you have the back end in place.

https://www.igel.com/desktop-converter-udc/

I did look at seeing if I could do something with Windows 10 IoT Core for free, but in the end and after spending a few weeks speaking to various vendors (Dell, 10ZiG etc etc) really happy with this
 
So as long as you have a suitable VDI environment in place with enough capacity for 800 new sessions then you can replace Windows XP for £55 per machine.

Quite the misleading statement.
 
Suggestions are surfacing that Symantec and Kaspersky believe that this malware may have originated in North Korea.

Google ArsTechnica, Forbes, USnews or Reuters and "north korea ransomware" . . . could be interesting ;)


Edited: "North Korea" suggestion report now on BBC Online.

There was also an interview with someone from IBM who suggested that there was no evidence that email was the initial distribution mechanism and that "individual" (i.e. Home) users appear not to have been greatly affected - perhaps suggesting a targeted attack?
 
The timing is interesting - new SK president, NK upset at China etc..

Suddenly we get the recent missile launch and this malware attack
 