NHS computer systems hacked!?

[ultralaser]

Has anyone successfully had their files decrypted from this? I'd rather not hand cash over to the ***** but I gotta be pragmatic. The ransom is significantly less than the cost of lost time of the staff recreating the work done since the last backup, and I'll have to flatten the server and reinstall anyway.

There's no decrypt tool available at the moment, apart from their own one obviously.

 

[awaybreaktoday]

https://twitter.com/fendifille/status/862997621039878145/photo/1?ref_src=twsrc^tfw&ref_url=https://www.theguardian.com/society/2017/may/12/hospitals-across-england-hit-by-large-scale-cyber-attack

wow

Wonder how much she will make from news organisations requesting to use her picture and have a chat with her.

 

[Arazi]

Honestly

Has anyone successfully had their files decrypted from this? I'd rather not hand cash over to the ***** but I gotta be pragmatic. The ransom is significantly less than the cost of lost time of the staff recreating the work done since the last backup, and I'll have to flatten the server and reinstall anyway.

Honestly?

 

[bledd]

A way of making backups that shouldn't be affected by thing like this.

On your NAS drive, create a user that is only used for making backups. Lock down a folder so only this user can write to it. IE.. \\nas\backupimages


In your backup software (Veeam Endpoint backup is great), tell it to use this user as the network credentials.

Give your main PC user read-only access to this folder.

You can also give your main user read-only access to all of your non-changing media flies on your NAS for example.

Also Windows Update is vital.

 

[hyperseven]

So $300 is that total, per user, per PC?

 

[Buckster]

I'm sure the backups are secure but how long to recover ? Hours ? Days ? Weeks ?

 

[Felon]

interesting to hear about how a large chunk of the NHS is still using Windows XP, I remember a whole load of contractors walking out of the NHS, abandoning some of the upgrade programs, in the wake of government IR35 crackdowns, https://www.theregister.co.uk/2017/02/27/contractors_begin_mass_exodus_ahead_of_ir35/

I bet they're laughing hard right now,

 

[bledd]

https://blog.gdatasoftware.com/2017/05/29751-wannacry-ransomware-campaign

 

[Arazi]

Hospitals i have used recently:

https://www.thewaltoncentre.nhs.uk
http://www.aintreehospital.nhs.uk/
https://www.lhch.nhs.uk

All down at the moment.

 

[CHokKA]

The local surgeries will be affected because their systems are linked to the overall NHS system, which after this, will likely have been taken offline to deal with this. Along with this, there are VPNs and so on, and it honestly wouldn't surprise me if some of the computers used have really old operating systems that haven't been secured properly. It's a pretty sad state of affairs really. Even with great backups in place, this is going to take a long time to resolve. That's assuming those backups are encrypted themselves when they were setup, and are away from the rest of the network. Otherwise, they've got a problem

 

[Dis86]

Talking to my friend he's saying none of the surgeries or centres he deals with appear to have been impacted

 

[Azza]

Are NHS Trusts allowed to run their ICT inf themselves and have freedom to a certain degree? Or is everyone standardised?

I'm sure the backups are secure but how long to recover ? Hours ? Days ? Weeks ?

Depends on how much data is encrypted and needs recovering.

 

[bledd]

Hospitals i have used recently:

https://www.thewaltoncentre.nhs.uk
http://www.aintreehospital.nhs.uk/
https://www.lhch.nhs.uk

All down at the moment.

DING DING DING!

This guy did it.

 

[Steeps]

Hacking doesn't work like how you think it works.

Exactly, which is why I was joking about throwing 6bn at the NHS to fix the security issue, because that seems to be the solution for most political parties to fix the NHS, allocate more cash to it.

 

[Arazi]

The local surgeries will be affected because their systems are linked to the overall NHS system, which after this, will likely have been taken offline to deal with this. Along with this, there are VPNs and so on, and it honestly wouldn't surprise me if some of the computers used have really old operating systems that haven't been secured properly. It's a pretty sad state of affairs really. Even with great backups in place, this is going to take a long time to resolve. That's assuming those backups are encrypted themselves when they were setup, and are away from the rest of the network. Otherwise, they've got a problem

This is just the start i think.

 

[Arazi]

DING DING DING!

This guy did it.

 

[Arazi]

Are NHS Trusts allowed to run their ICT inf themselves and have freedom to a certain degree? Or is everyone standardised?

Every Trust has its own money for I.T, hardly any standardisation, some trusts share resources, not many though.

 

[Rroff]

This is just the start i think.

Sounds like its been in the system awhile as a surgery in the North East was affected at the same time as those in the South (though interconnected without a direct network link) so sounds like a timed payload and possibly deeper into the system than what has been seen so far.

 

[tibbsey]

Exactly, which is why I was joking about throwing 6bn at the NHS to fix the security issue, because that seems to be the solution for most political parties to fix the NHS, allocate more cash to it.

Ah, my bad then, didn't pick up on the humour. Guess I must be under the weather, might phone up and make an appointm... oh...

 

[awaybreaktoday]

A nurse writes anonymously
Posted at17:06


Anon: I'm a nurse in a hospital in Yorkshire. We were told to disconnect all computers, which we did, we've also been told our door entry and heating systems may also not work. Our directorate is possibly calling a major incident. Some of our equipment is internally networked and that function has been disabled, but we are still able to use them eg blood sugar metres and ventilators. Kettle still working, so we'll be OK!