foxy boxing Posted 12 May 2017 Share Posted 12 May 2017 Someone trying to extort money by blackmailing the NHS. Could maybe be fancy bears or perhaps someone else. I'm sure a lot of people will think Russia is involved in some capacity. Link to comment Share on other sites More sharing options...
Costock_Fox Posted 12 May 2017 Share Posted 12 May 2017 6 minutes ago, foxy boxing said: Someone trying to extort money by blackmailing the NHS. Could maybe be fancy bears or perhaps someone else. I'm sure a lot of people will think Russia is involved in some capacity. We all know who it really is. "$300 dollars" Link to comment Share on other sites More sharing options...
Izzy Posted 12 May 2017 Share Posted 12 May 2017 According to the BBC: Apparently patients in some areas of the UK are being told NOT to go to A&E at present - unless it's an emergency.. Link to comment Share on other sites More sharing options...
ramboacdc Posted 12 May 2017 Share Posted 12 May 2017 7 minutes ago, Izzy Muzzett said: According to the BBC: Apparently patients in some areas of the UK are being told NOT to go to A&E at present - unless it's an emergency.. and he was me going to go down for a laugh. Link to comment Share on other sites More sharing options...
Wymsey Posted 12 May 2017 Share Posted 12 May 2017 This incident will, now probably, somehow, change how the companies affected operate, use and store sensituve IT information to aid their business on a daily basis. It is quite shocking and even somewhat embarrassing but this could make internet security very much more determined to stamp out any malware etc threats if they learn from this. Doubt it, considering how sophisticated it is to try to, but hope the attackers get caught and get very significant jail terms. Link to comment Share on other sites More sharing options...
potter3 Posted 12 May 2017 Share Posted 12 May 2017 1 hour ago, ramboacdc said: and he was me going to go down for a laugh. Completely off topic, but you been watching the new season of AoT? Last episode was pretty mental. 1 hour ago, Wymeswold fox said: This incident will, now probably, somehow, change how the companies affected operate, use and store sensituve IT information to aid their business on a daily basis. It is quite shocking and even somewhat embarrassing but this could make internet security very much more determined to stamp out any malware etc threats if they learn from this. Doubt it, considering how sophisticated it is to try to, but hope the attackers get caught and get very significant jail terms. Companies, especially those as large as the NHS should already have preventative measures and contingency plans should an infection occur. Yet it's somehow spread to 25 different sites Link to comment Share on other sites More sharing options...
ramboacdc Posted 12 May 2017 Share Posted 12 May 2017 36 minutes ago, potter3 said: Completely off topic, but you been watching the new season of AoT? Last episode was pretty mental. im 3 episodes behind but i have read the manga and know it goes crazy..trust me you are in for a lot more. Link to comment Share on other sites More sharing options...
potter3 Posted 12 May 2017 Share Posted 12 May 2017 20 minutes ago, ramboacdc said: im 3 episodes behind but i have read the manga and know it goes crazy..trust me you are in for a lot more. Haha fair enough. I might've read it if I'd have known it was going to be a four year wait Link to comment Share on other sites More sharing options...
ajthefox Posted 12 May 2017 Share Posted 12 May 2017 1 hour ago, potter3 said: Completely off topic, but you been watching the new season of AoT? Last episode was pretty mental. Companies, especially those as large as the NHS should already have preventative measures and contingency plans should an infection occur. Yet it's somehow spread to 25 different sites It's hit thousands of companies across the globe but yeah, the NHS are just shit aren't they? Link to comment Share on other sites More sharing options...
Guest seanfox778 Posted 12 May 2017 Share Posted 12 May 2017 This is like Die Hard 4.0, we need John McClane and Silent Bob. Link to comment Share on other sites More sharing options...
orangecity23 Posted 12 May 2017 Share Posted 12 May 2017 Hopefully someone can use this opportunity to explain to our strong and stable Prime Minister that when she demands backdoor access to Computer systems and phones so that Terrorists can be stopped (but we'll be using it on everyone, PS we'll be saving all your internet history so that the Food Standards Agency and The Welsh Ambulance Service can access it, because TERRORISTS), that it creates vulnerabilities that other states and cyber criminals will use to attack our IT infrastructure. There is no such thing as a security backdoor that will only be available to the "good guys", if its there it could be attacked by anyone. EDIT - obviously this attack is a standard ransomware bitlocker style attack, but it shows how much damage can be inflicted by common crims, christ knows what damage a more advanced attacker could cause. Link to comment Share on other sites More sharing options...
Webbo Posted 13 May 2017 Share Posted 13 May 2017 6 hours ago, orangecity23 said: Hopefully someone can use this opportunity to explain to our strong and stable Prime Minister that when she demands backdoor access to Computer systems and phones so that Terrorists can be stopped (but we'll be using it on everyone, PS we'll be saving all your internet history so that the Food Standards Agency and The Welsh Ambulance Service can access it, because TERRORISTS), that it creates vulnerabilities that other states and cyber criminals will use to attack our IT infrastructure. There is no such thing as a security backdoor that will only be available to the "good guys", if its there it could be attacked by anyone. EDIT - obviously this attack is a standard ransomware bitlocker style attack, but it shows how much damage can be inflicted by common crims, christ knows what damage a more advanced attacker could cause. Do terrorists normally comunicate via the the NHS computer system? Link to comment Share on other sites More sharing options...
The Doctor Posted 13 May 2017 Share Posted 13 May 2017 34 minutes ago, Webbo said: Do terrorists normally comunicate via the the NHS computer system? Do terrorists normally communicate by Facebook? Almost certainly not (FB messenger isn't end to end encrypted), not stopped the US putting together plans to demand social media passwords. But, it's possible an NHS computer has been roped into a botnet, in which case it's possible it's being used to send terrorist communications and being utilised for cyber attacks. But you don't need a snoopers charter for that, you don't need to introduce massive vulnerabilities to computer systems to catch it - you don't need to steal millions of people's private data and leave them open to malicious attacks to maybe catch a couple of terrorists (and that's a big maybe, they'll use end to end encryption as standard, and likely use a few quantum cryptography techniques to make it obvious to them when they've been compromised); the cost is not worth it. Link to comment Share on other sites More sharing options...
Webbo Posted 13 May 2017 Share Posted 13 May 2017 3 minutes ago, The Doctor said: Do terrorists normally communicate by Facebook? Almost certainly not (FB mirrelevantnger isn't end to end encrypted) , not stopped the US putting together plans to demand social media passwords. But, it's possible an NHS computer has been roped into a botnet, in which case it's possible it's being used to send terrorist communications and being utilised for cyber attacks. But you don't need a snoopers charter for that, you don't need to introduce massive vulnerabilities to computer systems to catch it - you don't need to steal millions of people's private data and leave them open to malicious attacks to maybe catch a couple of terrorists (and that's a big maybe, they'll use end to end encryption as standard, and likely use a few quantum cryptography techniques to make it obvious to them when they've been compromised); the cost is not worth it. I thought we were talking about snapchat and whatsapp, that kind of thing? My point was that this hack is irrellevant to what the govt is trying to do about terrorism. Link to comment Share on other sites More sharing options...
The Doctor Posted 13 May 2017 Share Posted 13 May 2017 16 minutes ago, Webbo said: I thought we were talking about snapchat and whatsapp, that kind of thing? My point was that this hack is irrellevant to what the govt is trying to do about terrorism. The government are demanding more vulnerabilities in systems to snoop - that will open systems up to more attacks like this even though it's not the primary intention of the vulnerability. Link to comment Share on other sites More sharing options...
Monk Posted 13 May 2017 Share Posted 13 May 2017 It is shocking the number of large organisations still using windows XP, and paying Microsoft a fortune to keep it safe. The ones that don't pay microsofts ransom will be the ones exposed. No surprise to see the NHS on the list but a call to action if there ever was one! Link to comment Share on other sites More sharing options...
Collymore Posted 13 May 2017 Share Posted 13 May 2017 I take it it's £300 X every computer infected so would run into the millions? Or is it £300 to get rid of it all? They've mentioned their ICT experts are working around the clock to fix it, would it be not best to pay the ransom and then plan on making it safe for the future? Link to comment Share on other sites More sharing options...
Tielemans63 Posted 13 May 2017 Share Posted 13 May 2017 Russia really are taking the piss these days aren't they? I know that the perpetrators aren't known but they'll be Russian won't they? You just know it. The level of provocation from that country is really quite worrying. Link to comment Share on other sites More sharing options...
Innovindil Posted 13 May 2017 Share Posted 13 May 2017 3 minutes ago, Collymore said: I take it it's £300 X every computer infected so would run into the millions? Or is it £300 to get rid of it all? They've mentioned their ICT experts are working around the clock to fix it, would it be not best to pay the ransom and then plan on making it safe for the future? The trouble with paying the ransom is there is no guarantee they will "unlock" the computer(s). They could just ask for more and more money. Plus, if you pay once then they know the ransomware works and will probably target you again. Iirc there isn't a way to get rid of it without paying though. At least there wasn't the last time I read up on it, which was some time ago. Link to comment Share on other sites More sharing options...
Innovindil Posted 13 May 2017 Share Posted 13 May 2017 5 minutes ago, Paddy. said: Russia really are taking the piss these days aren't they? I know that the perpetrators aren't known but they'll be Russian won't they? You just know it. The level of provocation from that country is really quite worrying. A 12 year old could be running this from his garden shed. The ransomware is pretty much readily available for anyone who fancies using it. Better to wait to see if they can find out who it is before jumping to conclusions. Link to comment Share on other sites More sharing options...
sphericalfox Posted 13 May 2017 Share Posted 13 May 2017 The majority of systems/networks that have been shut down are a precautionary measure. the assumption by the media that the ransomware has been successful and actually has infected these systems is false. There are Trusts and networks which have been infected, but it's not as widespread as what is being reported. It's a preventative measure, and unfortunate one that's impacting services, but a necessary one. Link to comment Share on other sites More sharing options...
DB11 Posted 13 May 2017 Share Posted 13 May 2017 50 minutes ago, Collymore said: I take it it's £300 X every computer infected so would run into the millions? Or is it £300 to get rid of it all? They've mentioned their ICT experts are working around the clock to fix it, would it be not best to pay the ransom and then plan on making it safe for the future? That's very naive thought process. Do you not think they'd leave a backdoor in the system to keep doing it again and again if you pay the ransom Link to comment Share on other sites More sharing options...
yorkie1999 Posted 13 May 2017 Share Posted 13 May 2017 Don't get this, surely the NHS has some sort of IT department or contracts a company to look after the systems and install hardware etc. It is the responsibility of whoever sorts their systems out to ensure this sort of stuff doesn't happen. Link to comment Share on other sites More sharing options...
sphericalfox Posted 13 May 2017 Share Posted 13 May 2017 2 minutes ago, yorkie1999 said: Don't get this, surely the NHS has some sort of IT department or contracts a company to look after the systems and install hardware etc. It is the responsibility of whoever sorts their systems out to ensure this sort of stuff doesn't happen. The use of the word 'hacked' isn't entirely accurate. The breaches have occurred through network users clicking through on dodgy links etc. The firewalls haven't been hacked. The IT departments can't stop idiots users unfortunately, despite organisations explicitly telling users NOT to click on links or opening questionable emails or emails with attachments that come from someone they don't know within their working circles. Link to comment Share on other sites More sharing options...
yorkie1999 Posted 13 May 2017 Share Posted 13 May 2017 9 minutes ago, sphericalfox said: The use of the word 'hacked' isn't entirely accurate. The breaches have occurred through network users clicking through on dodgy links etc. The firewalls haven't been hacked. The IT departments can't stop idiots users unfortunately, despite organisations explicitly telling users NOT to click on links or opening questionable emails or emails with attachments that come from someone they don't know within their working circles. Which begs the question What are they going to do to stop it happening again? and if there's an answer to that, why wasn't that solution implemented in the first place? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.