Ransomware cyberattack on various NHS hospitals

I feel the need to point out that this attack isn't NHS-specific, and probably didn't target the NHS. It's ransomware which spreads through old Windows machines via file sharing, I believe (which is why the NHS was hit so bad - patient data). Some poor sod probably clicked on the wrong thing in an email and it sorta escalated. Very, very unfortunate that it's ended up here, though.

Incineroar said:

How will companies be able to get across the point that accepting random emails is not necessarily a good thing, let alone opening them, and how will people be able to protect themselves from ransomware in the future?

Click to expand...

Mandatory basic computer literacy courses for their staff. So many people have no idea how to tell something that looks dangerous from something which doesn't and, at least in the UK, NHS workers aren't explicitly trained on this (as far as I'm aware).

Will antivirus software ever be able to keep up to the evolving form of money grabbing and be able to stop ransomware before it becomes too big?

Click to expand...

Microsoft released a patch for this in March this year for supported computers (which, I believe, don't include XP-based ones; i.e. the software that 90% of NHS computers run on). Antivirus would have been, dare I say, overkill had the NHS just bothered keeping their software up-to-date.

Will the NHS get away from this unscathed?

Click to expand...

Financially, probably; I certainly can't see them paying out to fix this, other than to their own tech people. But undoubtedly this is going to cause big problems for patients and may even cost lives - blood group data, for example, will currently be inaccessible.

Moral: Don't use old windows machines for critical systems.

Honestly when I heard how it spread I felt like shaking my head a little. One of the oldest tricks in the book, preying on user incompetence. I dunno if I would hurry to suggest an upgrade of their operating systems (given the crucial nature of their data and the heavy relliance on stability, which the newer Windows OSs are anything but), but if all else, better Antivirus, spam filters, anti-malware, the works.

And of course a few crashcourses for staff on the importance of web browsing wouldn't go astray either, but of course this is but speculation on my part. The NHS will do what it can to move past this mess and recover.

Nihilego said:

Microsoft released a patch for this in March this year for supported computers (which, I believe, don't include XP-based ones; i.e. the software that 90% of NHS computers run on). Antivirus would have been, dare I say, overkill had the NHS just bothered keeping their software up-to-date.

Click to expand...

Microsoft decided to push an extraordinary update even on older versions of Windows like our beloved Windows XP, even though the support ended on the 8th of April 2014. (source)
This was a forced move, in my opinion, even if this OS is almost 16 years old I still see it installed on lots of PCs in schools and hospitals.
This is not a good thing as it can put data security at great risk and this malware is proving it.

Lucario said:

Moral: Don't use old windows machines for critical systems.

Click to expand...

It wouldn't surprise me if some of the expensive equipment used by the NHS had XPe (embedded) which cannot be upgraded.

Seems like it has stopped for now though there's a chance it may happen again. The way they stopped this by registering a hardcoded domain to check for sandboxing (causing the ransomeware to exit) could suggest this from what I have read.

Lucario said:

Moral: Don't use old windows machines for critical systems.

Click to expand...

This.

Raffy98 said:

Microsoft decided to push an extraordinary update even on older versions of Windows like our beloved Windows XP, even though the support ended on the 8th of April 2014. (source)
This was a forced move, in my opinion, even if this OS is almost 16 years old I still see it installed on lots of PCs in schools and hospitals.
This is not a good thing as it can put data security at great risk and this malware is proving it.

Click to expand...

Indeed, releasing that update to XP was actually a mistake, Microsoft should've forced users to upgrade to newer Windows instead.

Anyway, I follow this guy on YouTube. If anyone wants to see the malware in action, he made a really nice video about this.

You gotta be a real scumbag to target an already underfunded Health system thats on the brink.

they are saying North Korea could be the ones behind the attack or someone using North Korean code

Maki-Nishikino said:

someone using North Korean code

Click to expand...

North Korean code? Any sources? Because the exploits used by WannaCry are from the NSA exploits leaked by the Shadow Brokers

Dter ic said:

North Korean code? Any sources? Because the exploits used by WannaCry are from the NSA exploits leaked by the Shadow Brokers

Click to expand...

someone found north korean code inside the wannacry ransomware it was on stuff like ABC

Hands said:

You gotta be a real scumbag to target an already underfunded Health system thats on the brink.

Click to expand...

Unfortunately, that's just who hackers want to target?the most volatile.

I'm a CS major entering my senior year for my bachelors, and with this news I have been thinking that it might be better to focus on cyber security rather than just software engineering jobs. The wars of the future will be fought in cyberspace, as cheesy as that sounds. I feel as if we will be seeing more ransomware attacks soon. These hackers, and wannabe hackers all over the world are getting a taste of fresh blood.