NHS computer systems hacked!?

Django x2 · 18 May 2017 at 21:40

ChrisD. said:
You couldn't be more wrong.

Trust me, I'm not. I've worked with Citrix, and the public sector long enough to know it's not an option

Tefal · 18 May 2017 at 22:02

Django x2 said:
Trust me, I'm not. I've worked with Citrix, and the public sector long enough to know it's not an option

whats citrix and why is it a bad idea

it sounds like a brand of lemon scented bog cleaner

Django x2 · 18 May 2017 at 22:15

Probably more useful in that regard.

touch · 18 May 2017 at 22:18

opethdisciple said:
The money they save on windows and office license they could spend on agreeing contracts to develop the open source drivers for their equipment.

The cost of licences are negligible compared to the cost of their bespoke software projects.

The reason that they have computers running old operating systems is not because they cant afford to upgrade the licences, it's because they can't afford to have the software rewritten to be compatible with the upgraded OS. Using a free OS isn't going to make any difference. (It's just going to limit the number of companies who have the ability to provide IT support and end up costing them more to support their free OS)

Rroff · 18 May 2017 at 22:21

touch said:
The cost of licences are negligible compared to the cost of their bespoke software projects.

The reason that they have computers running old operating systems is not because they cant afford to upgrade the licences, it's because they can't afford to have the software rewritten to be compatible with the upgraded OS. Using a free OS isn't going to make any difference.

Yup - I dunno what final costs were but it ran into the 100s of thousands just to have some fairly basic warehouse operations software rewritten from scratch to support newer OSes. (and adding in some new feature support).

asim18 · 18 May 2017 at 22:27

Malevolence said:
Anybody heard from @SexyGreyFox recently? He hasn't posted since March and I thought he'd be all over this thread.

Hope the fella is OK.

bump.

V F · 18 May 2017 at 22:30

touch said:
The cost of licences are negligible compared to the cost of their bespoke software projects.

The reason that they have computers running old operating systems is not because they cant afford to upgrade the licences, it's because they can't afford to have the software rewritten to be compatible with the upgraded OS. Using a free OS isn't going to make any difference. (It's just going to limit the number of companies who have the ability to provide IT support and end up costing them more to support their free OS)

So what is the answer to software you are unprotected from with money you don't have for machines you cannot update due to compatibility. As this wont be the last attack in years to come with exploitable software.

Do you just wing it for the next decade or so?

touch · 18 May 2017 at 22:35

V F said:
So what is the answer

I dont know what the answer is (probably some kind of SAAS solution?)
I do know that the answer is not switching to free operating systems in an attempt to save money.

V F · 18 May 2017 at 22:39

"Patient confidentiality"

I chuckle everytime I hear that. Especially with completely unsecured systems.

jimjamuk · 18 May 2017 at 22:52

opethdisciple said:
The rumour is that this is possibly a North Korean hack.

Is this the 2017 version of weapons of mass destruction??

jimjamuk · 18 May 2017 at 22:53

touch said:
The cost of licences are negligible compared to the cost of their bespoke software projects.

The reason that they have computers running old operating systems is not because they cant afford to upgrade the licences, it's because they can't afford to have the software rewritten to be compatible with the upgraded OS. Using a free OS isn't going to make any difference. (It's just going to limit the number of companies who have the ability to provide IT support and end up costing them more to support their free OS)

This ^^

Raumarik · 18 May 2017 at 23:12

V F said:
So what is the answer to software you are unprotected from with money you don't have for machines you cannot update due to compatibility. As this wont be the last attack in years to come with exploitable software.

Do you just wing it for the next decade or so?

Air gap when possible, strong perimeter controls and internal monitoring if you can't as well as all the usual endpoint protection. It's possible, requires a bit of money but more importantly requires staff to have the time to do it - and that is usually the downfall as maintenance is rarely a priority when those staff could be used on break/fix and projects.

V F · 18 May 2017 at 23:12

jimjamuk said:
Is this the 2017 version of weapons of mass destruction??

Halfmad said:
Air gap when possible, strong perimeter controls and internal monitoring if you can't as well as all the usual endpoint protection. It's possible, requires a bit of money but more importantly requires staff to have the time to do it - and that is usually the downfall as maintenance is rarely a priority when those staff could be used on break/fix and projects.

Tight people with money though. Still wont work.

ChrisD. · 18 May 2017 at 23:43

Django x2 said:
Trust me, I'm not. I've worked with Citrix, and the public sector long enough to know it's not an option

Except for the fact many Government departments use it?

Django x2 · 19 May 2017 at 11:33

ChrisD. said:
Except for the fact many Government departments use it?

I've met one, and it's a bone of contention, and that's pan government

ChrisD. · 20 May 2017 at 09:36

opethdisciple said:
Plus the cost of an upgrade to Windows 10 per virtual device?

Run an RDSH server, saves on Windows 10 licenses.

darkgen · 20 May 2017 at 10:01

I touch Citrix quite a bit in my working life so are also interested to know about the apparent joke shop that is Citrix. Typical governmental incompetence when it comes to any form of IT implementation or a poor product?

Dolph · 20 May 2017 at 17:51

V F said:
So what is the answer to software you are unprotected from with money you don't have for machines you cannot update due to compatibility. As this wont be the last attack in years to come with exploitable software.

Do you just wing it for the next decade or so?

Air gaps, file broker solutions, basically secure that machines incoming and outgoing network activity to ensure that it is not in a position to be infected or if it is, that it can't infect the rest of the system.

The solutions exist and in use elsewhere already.

V F · 20 May 2017 at 17:57

Dolph said:
Air gaps, file broker solutions, basically secure that machines incoming and outgoing network activity to ensure that it is not in a position to be infected or if it is, that it can't infect the rest of the system.

The solutions exist and in use elsewhere already.

I know there are solutions but you're dealing with people that cannot take advice, don't want to change and don't want to spend money.

Dolph · 20 May 2017 at 18:59

V F said:
I know there are solutions but you're dealing with people that cannot take advice, don't want to change and don't want to spend money.

Now that is a very different problem, sadly. Unless and until senior staff are held accountable, it won't change. The nhs shuffles the blame onto the government, despite the government not running nor having hiring and firing capability in the service.