External device would work yes but would have to be disconnected from your pc(Happy to be proved wrong but I believe anything connected to the affected system to be at risk). Some ransomware is well written enough to go after network storage. IIRC there's variants that target Dropbox as well (but I think dropboxes version history would defeat that).
NHS computer systems hacked!?
- Thread starter Tone1979
- Start date
I'm sure it's not easy, but GCHQ and the NSA are next level on this kind of thing
This is what i was thinking, this virus will be spreading via roaming profiles amongst other ways, if it is on the servers then it could also be on their databases of patient info and all the back ups, they could all be infected, lots of cloud systems are used in the various trusts up and down the land.
e: Also lots of 3rd party companies remote in to the NHS systems.
Soldato
- Joined
- 13 Sep 2005
- Posts
- 4,354
Had this for a customer a couple of weeks ago and had to flatten their server. Online backups were fine so wasn't too bad.
Not surprised this has hit the NHS. Given the potential impact on patient care I hope the author gets found and goes to prison tbh. Unlikely I'm sure.
Not surprised this has hit the NHS. Given the potential impact on patient care I hope the author gets found and goes to prison tbh. Unlikely I'm sure.
If there are offline backups then they can start restoring, but i dont think this is going to be as easy as that. I would like to be wrong on that though.
Won't it all be stored centrally in a secure location? doctors not being able to log in to a computer to access the data locally is enough to majorly disrupt the NHS.
I have faith that the system is secure. All of the patient data is on a secure server and only accessed through proprietary software so there's no way that it could have been encrypted.
Where they not also buying stuff 'off the shelf' from criminal groups so as to give their hacking some level Plausible deniability. It's not like theses groups wouldn't then also sell on that same software to others, right...
There is loads of stuff about Telefonica on Twitter and Spanish news. All employees were told to turn off their computers today, this was an hour or two before the NHS news came out. I guess Telefonica probably do quite a lot of work with the NHS (either directly or via their Uk company O2) so it was likely spread via email.
I have posted many a time on here when someone at our place has ran a cryptolocker.
When we've had cryptolockers since I've been there all but 1 of them has been stopped from spreading through directories by user permission access, I think that was odin or it might have been zepto I can't remember there's been too many.
I'm not surprised this has happened, what I am surprised by is that it is spreading across multiple sites (?), I've no idea how NHS sites and file shares are linked, unless lots of people have been duped by the same email today?
When we've had cryptolockers since I've been there all but 1 of them has been stopped from spreading through directories by user permission access, I think that was odin or it might have been zepto I can't remember there's been too many.
I'm not surprised this has happened, what I am surprised by is that it is spreading across multiple sites (?), I've no idea how NHS sites and file shares are linked, unless lots of people have been duped by the same email today?
Soldato
- Joined
- 1 May 2013
- Posts
- 9,911
- Location
- M28
This is what Skynet was developed for, time to let it loose....
This happened on an episode of Chicago Med a few weeks back, they paid in the end.
This happened on an episode of Chicago Med a few weeks back, they paid in the end.
Has anyone successfully had their files decrypted from this? I'd rather not hand cash over to the ***** but I gotta be pragmatic. The ransom is significantly less than the cost of lost time of the staff recreating the work done since the last backup, and I'll have to flatten the server and reinstall anyway.
Hacking doesn't work like how you think it works.