NHS! Attacked


mcshroom

Bionic Subsonic
The Reg first reported in early 2014 how vast sections of the UK public sector were set to miss Microsoft’s April 2014 kill date for XP.

The government had agreed a temporary framework support agreement with Microsoft which guaranteed delivery of special security patches for a year. That agreement ended on April 14 2015 after it was decided not to go for a second year.

Individual government departments and agencies were free to sign their own extended support agreements with Microsoft. ®
https://www.theregister.co.uk/2016/12/08/windows_xp_nhs_still/
 
Many XP machines still currently used in the NHS are older machines, with plenty of operational life left, running legacy software that the manufacturer has not made compliant with newer operating systems.

In all the cases I am aware of, these systems are not connected to the trust's network.

I am one of the cases in question.

The software that we run on the scanners is XP based, but far from the original, and still used with new scanners. We are connected to a PACS (imaging system) that stores the images, and that is connected to the network to allow access to images on the wards.

The companies spend a lot of money updating, writing imaging and processing protocols, quality assurance, diagnostics and a whole range of other tasks.

We even have one running on AIX/UNIX.

I'm sure people will use lack of money as an excuse - but that's often just pitiful arse covering. IT is a core function for any NHS organisation (be it a GP practice or a major acute trust) and competent managers will be costing equipment and software upgrades into their annual budgets.


Not the case at all; many systems simply run on older software, and updating is not a possibility.

It is nothing at all to do with competence, budget or finance.
 
Allowing access to patient records and scheduling software on the same machines that email and day to day rubbish are run on is the major vulnerability. Convenience placed ahead of security and business continuity.
Almost certainly those systems are not on the machine. The machine is just a client that accesses them.
 

DaveReading

Don't suffer fools gladly (must try harder!)
Location
Reading, obvs
I'd be interested to know what the initial attack vector was. Is this an email campaign or the result of direct hacking?

I may be wrong, but I doubt that any organisation would have the resources to attack so many targets almost simultaneously.

A more likely scenario IMHO is that the ransomware has been infiltrating systems for weeks and even months, but with a trigger that didn't activate it until a specific date.
 

midlife

Legendary Member
Almost certainly those systems are not on the machine. The machine is just a client that accesses them.

True, our patient management software and data (SOEL Health), and x-ray system (PACS) are on a central server somewhere and our PCs are just clients. I think a version of Citrix is used.

However we are expected to write letters, get info off the internet, prepare PowerPoint etc. and for that what we use everywhere are basically just bog standard Windows PCs (XP and Windows 7 here). They have been crippled in BIOS so we can't write to CD or memory stick though.

Shaun
 

bruce1530

Guru
Location
Ayrshire
Do you have a source that says they aren't vulnerable, btw? I have found some articles that say it is.
That was the original diagnosis from a source I generally trust (but contractually cannot discuss in public) - however it appears that that info may not be entirely correct, as MS have now taken the unprecedented step of issuing a patch for XP (and various other legacy operating systems) even though it has been unsupported for 2 years.

More info on https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ - including download links - although that download site seems to be collapsing under load at the moment...
 

marinyork

Resting in suspended Animation
Location
Logopolis

XP is getting the blame for a lot of this in the papers. As an NHS contractor we updated our machines from XP to Windows 7 in March and April (running till the very end of April). It didn't cost very much at all for the 'upgrade' programme in my company. They just delayed it and delayed it.

It's quite scary that some of the trusts infected 6 months ago have been reinfected again.
 

SteveF

Guest
Interesting that Amber Rudd is saying lessons need to be learned, Jeremy Hunt has been a bit quiet...
 