Cyber attack on British health systems

BBC: NHS cyber-attack: GPs and hospitals hit by ransomware

A major incident has been declared after NHS services across England and Scotland were hit by a large-scale cyber-attack.

Staff cannot access patient data, which has been scrambled by ransomware. There is no evidence patient data has been compromised, NHS Digital has said.

The BBC understands up to 25 NHS organisations and some GP practices have been affected.

It comes amid reports of cyber-attacks affecting organisations worldwide.

Ambulances have been diverted, patients have been warned to avoid some A&E departments, and there has been disruption at some GP surgeries as a result of the attack.

Ransomeware – where rogue code gets into a network and encrypts data, often as simply as via an email attachment click on by one person – has been common for years, although it has been getting increasingly sophisticated.

Once data is encrypted large amounts of money are demanded to unencrypt the data – with no guarantee it will be done or will be successful.

I know of a number of companies who have been affected, usually a major or full system restore is required.

This attack on the NHS may be much the same except it is has simply been an escalation of scale in a large and critical organisation.


UPDATE: The problem seems to be more widespread.

Fox News: Cyber attack spreads across 74 countries; some UK hospitals crippled

Cyber attacks that hit 74 countries across Europe and Asia Friday, impacting the public health system in Britain, apparently involved a leaked hacking tool from the National Security Agency.

NHS Digital, which oversees cybersecurity in Britain, said the attack did not specifically target the NHS and “is affecting organizations from across a range of sectors.” In total, 16 NHS organizations said they were affected.

The attack used ransomware, which is malware that encrypts data and locks a user from their data until they pay a ransom. The tool, which was leaked by a group known as Shadow Brokers, had been stolen.

Microsoft said that they had rolled out a patch to fix the issue, but certain targets, including the hospitals in Britain, had not yet updated their systems.

I’ve updated my Windows systems at home and at work.

The malware was sent via email with a file attached to it. From there, it subsequently spread.

It only takes one person in an organisation to click on a malware attachment to spread it across a network.

The impact of the attacks caused phone lines to go down, appointments to be canceled and patients to be turned away, but there has been no reported evidence of patient data being breached.

It prevents you from accessing data rather than extracts or sends data – at least that’s how these programs have been.

Leave a comment

5 Comments

  1. Alan Wilkinson

     /  May 13, 2017

    Three takeaways – old Microsoft software is full of holes and these institutions haven’t protected themselves from the risks. And this hack exploited software stolen from US spooks at NSA. More reasons not to let the US Govt force backdoors into commercial software.

    Lastly, exploiting Bitcoin for untraceable ransom payments will increase pressure to shut it down.

    Reply
    • Gezza

       /  May 13, 2017

      Aljaz tv reports this NSA-derived ransomware cyber attack has so far spread across 99 countries including Russia where healthcare systems, banks, national security systems among others were hit. But their british ethical hacker expert’s description of what the virus attack’s purpose is made me smile – ‘monetization of poor cyber hygiene’.

      Reply
      • Gezza

         /  May 13, 2017

        This expert also said that the virus appears to only have had the capability to encypt data, without also stealng or copying it and making it available elsewhere. Interestingly he also said, when asked if we could assume because payment by bitcoin is required that it would be impossible to trace the payee or source of the attack, that it would be difficult but that this may now actually be possible?

        Reply
  2. Gezza

     /  May 14, 2017

    Aljaz tv: Europol says this attack is unprecedented in size and scale. Russia has been the worst affected, followed by Ukraine, India & Taiwan. Many of the institutions hit are running systems still based on Windows XP.

    Reply
  1. Cyber attack on British health systems – NZ Conservative Coalition

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s