Our system detected that your browser is blocking advertisements on our site. Please help support FoxesTalk by disabling any kind of ad blocker while browsing this site. Thank you.
Jump to content
LiberalFox

BBC Reporting "Cyber Attack" on NHS IT Systems

By LiberalFox, in General Chat

Recommended Posts

Costock_Fox

Costock_Fox

Posted
Posted
6 minutes ago, foxy boxing said:

Someone trying to extort money by blackmailing the NHS.  Could maybe be fancy bears or perhaps someone else. I'm sure a lot of people will think Russia is involved in some capacity.

We all know who it really is.

 

"$300 dollars" 

IMG_0193.JPG

Link to comment
Share on other sites
Izzy

Izzy

Posted
Posted

According to the BBC:

Apparently patients in some areas of the UK are being told NOT to go to A&E at present - unless it's an emergency..:rolleyes:

Link to comment
Share on other sites
ramboacdc

ramboacdc

Posted
Posted
7 minutes ago, Izzy Muzzett said:

According to the BBC:

Apparently patients in some areas of the UK are being told NOT to go to A&E at present - unless it's an emergency..:rolleyes:

and he was me going to go down for a laugh. 

Link to comment
Share on other sites
Wymsey

Wymsey

Posted
Posted

This incident will, now probably, somehow, change how the companies affected operate, use and store sensituve IT information to aid their business on a daily basis.

 

It is quite shocking and even somewhat embarrassing but this could make internet security very much more determined to stamp out any malware etc threats if they learn from this.

Doubt it, considering how sophisticated it is to try to, but hope the attackers get caught and get very significant jail terms.

Link to comment
Share on other sites
potter3

potter3

Posted
Posted
1 hour ago, ramboacdc said:

and he was me going to go down for a laugh. 

Completely off topic, but you been watching the new season of AoT? Last episode was pretty mental.

 

 

1 hour ago, Wymeswold fox said:

This incident will, now probably, somehow, change how the companies affected operate, use and store sensituve IT information to aid their business on a daily basis.

 

It is quite shocking and even somewhat embarrassing but this could make internet security very much more determined to stamp out any malware etc threats if they learn from this.

Doubt it, considering how sophisticated it is to try to, but hope the attackers get caught and get very significant jail terms.

 

 Companies, especially those as large as the NHS should already have preventative measures and contingency plans should an infection occur. Yet it's somehow spread to 25 different sites :rolleyes: 

Link to comment
Share on other sites
ramboacdc

ramboacdc

Posted
Posted
36 minutes ago, potter3 said:

Completely off topic, but you been watching the new season of AoT? Last episode was pretty mental.

 

im 3 episodes behind but i have read the manga and know it goes crazy..trust me you are in for a lot more. 

Link to comment
Share on other sites
potter3

potter3

Posted
Posted
20 minutes ago, ramboacdc said:

im 3 episodes behind but i have read the manga and know it goes crazy..trust me you are in for a lot more. 

 

Haha fair enough. I might've read it if I'd have known it was going to be a four year wait

Link to comment
Share on other sites
ajthefox

ajthefox

Posted
Posted
1 hour ago, potter3 said:

Completely off topic, but you been watching the new season of AoT? Last episode was pretty mental.

 

 

 

 Companies, especially those as large as the NHS should already have preventative measures and contingency plans should an infection occur. Yet it's somehow spread to 25 different sites :rolleyes: 

It's hit thousands of companies across the globe but yeah, the NHS are just shit aren't they? :rolleyes:

Link to comment
Share on other sites
orangecity23

orangecity23

Posted
Posted

Hopefully someone can use this opportunity to explain to our strong and stable Prime Minister that when she demands backdoor access to Computer systems and phones so that Terrorists can be stopped (but we'll be using it on everyone, PS we'll be saving all your internet history so that the Food Standards Agency and The Welsh Ambulance Service can access it, because TERRORISTS), that it creates vulnerabilities that other states and cyber criminals will use to attack our IT infrastructure. There is no such thing as a security backdoor that will only be available to the "good guys", if its there it could be attacked by anyone.

 

EDIT - obviously this attack is a standard ransomware bitlocker style attack, but it shows how much damage can be inflicted by common crims, christ knows what damage a more advanced attacker could cause.

Link to comment
Share on other sites
Webbo

Webbo

Posted
Posted
6 hours ago, orangecity23 said:

Hopefully someone can use this opportunity to explain to our strong and stable Prime Minister that when she demands backdoor access to Computer systems and phones so that Terrorists can be stopped (but we'll be using it on everyone, PS we'll be saving all your internet history so that the Food Standards Agency and The Welsh Ambulance Service can access it, because TERRORISTS), that it creates vulnerabilities that other states and cyber criminals will use to attack our IT infrastructure. There is no such thing as a security backdoor that will only be available to the "good guys", if its there it could be attacked by anyone.

 

EDIT - obviously this attack is a standard ransomware bitlocker style attack, but it shows how much damage can be inflicted by common crims, christ knows what damage a more advanced attacker could cause.

Do terrorists normally comunicate via the the NHS computer system?

Link to comment
Share on other sites
The Doctor

The Doctor

Posted
Posted
34 minutes ago, Webbo said:

Do terrorists normally comunicate via the the NHS computer system?

Do terrorists normally communicate by Facebook? Almost certainly not (FB messenger isn't end to end encrypted), not stopped the US putting together plans to demand social media passwords. But, it's possible an NHS computer has been roped into a botnet, in which case it's possible it's being used to send terrorist communications and being utilised for cyber attacks.

 

But you don't need a snoopers charter for that, you don't need to introduce massive vulnerabilities to computer systems to catch it - you don't need to steal millions of people's private data and leave them open to malicious attacks to maybe catch a couple of terrorists (and that's a big maybe, they'll use end to end encryption as standard, and likely use a few quantum cryptography techniques to make it obvious to them when they've been compromised); the cost is not worth it.

Link to comment
Share on other sites
Webbo

Webbo

Posted
Posted
3 minutes ago, The Doctor said:

Do terrorists normally communicate by Facebook? Almost certainly not (FB mirrelevantnger isn't end to end encrypted) , not stopped the US putting together plans to demand social media passwords. But, it's possible an NHS computer has been roped into a botnet, in which case it's possible it's being used to send terrorist communications and being utilised for cyber attacks.

 

But you don't need a snoopers charter for that, you don't need to introduce massive vulnerabilities to computer systems to catch it - you don't need to steal millions of people's private data and leave them open to malicious attacks to maybe catch a couple of terrorists (and that's a big maybe, they'll use end to end encryption as standard, and likely use a few quantum cryptography techniques to make it obvious to them when they've been compromised); the cost is not worth it.

I thought we were talking about snapchat and whatsapp, that kind of thing? My point was that this hack is irrellevant to what the govt is trying to do about terrorism.

Link to comment
Share on other sites
The Doctor

The Doctor

Posted
Posted
16 minutes ago, Webbo said:

I thought we were talking about snapchat and whatsapp, that kind of thing? My point was that this hack is irrellevant to what the govt is trying to do about terrorism.

The government are demanding more vulnerabilities in systems to snoop - that will open systems up to more attacks like this even though it's not the primary intention of the vulnerability. 

Link to comment
Share on other sites
Monk

Monk

Posted
Posted

It is shocking the number of large organisations still using windows XP, and paying Microsoft a fortune to keep it safe. The ones that don't pay microsofts ransom will be the ones exposed. No surprise to see the NHS on the list but a call to action if there ever was one!

Link to comment
Share on other sites
Collymore

Collymore

Posted
Posted

I take it it's £300 X every computer infected so would run into the millions? Or is it £300 to get rid of it all? 

 

They've mentioned their ICT experts are working around the clock to fix it, would it be not best to pay the ransom and then plan on making it safe for the future? 

Link to comment
Share on other sites
Tielemans63

Tielemans63

Posted
Posted

Russia really are taking the piss these days aren't they?

 

I know that the perpetrators aren't known but they'll be Russian won't they? You just know it. The level of provocation from that country is really quite worrying.

Link to comment
Share on other sites
Innovindil

Innovindil

Posted
Posted
3 minutes ago, Collymore said:

I take it it's £300 X every computer infected so would run into the millions? Or is it £300 to get rid of it all? 

 

They've mentioned their ICT experts are working around the clock to fix it, would it be not best to pay the ransom and then plan on making it safe for the future? 

The trouble with paying the ransom is there is no guarantee they will "unlock" the computer(s). They could just ask for more and more money. Plus, if you pay once then they know the ransomware works and will probably target you again. 

 

Iirc there isn't a way to get rid of it without paying though. At least there wasn't the last time I read up on it, which was some time ago. 

Link to comment
Share on other sites
Innovindil

Innovindil

Posted
Posted
5 minutes ago, Paddy. said:

Russia really are taking the piss these days aren't they?

 

I know that the perpetrators aren't known but they'll be Russian won't they? You just know it. The level of provocation from that country is really quite worrying.

A 12 year old could be running this from his garden shed. The ransomware is pretty much readily available for anyone who fancies using it. Better to wait to see if they can find out who it is before jumping to conclusions. :/

Link to comment
Share on other sites
sphericalfox

sphericalfox

Posted
Posted

The majority of systems/networks that have been shut down are a precautionary measure. the assumption by the media that the ransomware has been successful and actually has infected these systems is false. There are Trusts and networks which have been infected, but it's not as widespread as what is being reported. It's a preventative measure, and unfortunate one that's impacting services, but a necessary one.

Link to comment
Share on other sites
DB11

DB11

Posted
Posted
50 minutes ago, Collymore said:

I take it it's £300 X every computer infected so would run into the millions? Or is it £300 to get rid of it all? 

 

They've mentioned their ICT experts are working around the clock to fix it, would it be not best to pay the ransom and then plan on making it safe for the future? 

That's very naive thought process. Do you not think they'd leave a backdoor in the system to keep doing it again and again if you pay the ransom

Link to comment
Share on other sites
yorkie1999

yorkie1999

Posted
Posted

Don't get this, surely the NHS has some sort of IT department or contracts a company to look after the systems and install hardware etc. It is the responsibility of whoever sorts their systems out to ensure this sort of stuff doesn't happen.

Link to comment
Share on other sites
sphericalfox

sphericalfox

Posted
Posted
2 minutes ago, yorkie1999 said:

Don't get this, surely the NHS has some sort of IT department or contracts a company to look after the systems and install hardware etc. It is the responsibility of whoever sorts their systems out to ensure this sort of stuff doesn't happen.

The use of the word 'hacked' isn't entirely accurate. The breaches have occurred through network users clicking through on dodgy links etc. The firewalls haven't been hacked. The IT departments can't stop idiots users unfortunately, despite organisations explicitly telling users NOT to click on links or opening questionable emails or emails with attachments that come from someone they don't know within their working circles.

Link to comment
Share on other sites
yorkie1999

yorkie1999

Posted
Posted
9 minutes ago, sphericalfox said:

The use of the word 'hacked' isn't entirely accurate. The breaches have occurred through network users clicking through on dodgy links etc. The firewalls haven't been hacked. The IT departments can't stop idiots users unfortunately, despite organisations explicitly telling users NOT to click on links or opening questionable emails or emails with attachments that come from someone they don't know within their working circles.

Which begs the question What are they going to do to stop it happening again? and if there's an answer to that, why wasn't that solution implemented in the first place?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...