I think the media are holding back on how severe this attack is.

Here are some quotes going around online:

I'm a doctor in one of the affected hospitals, a major trauma center in London. Everything has gone down. No blood results, no radiology images, there's no group specific blood available. They've declared an internal major incident, the hospital is diverting major trauma and stroke patients. All elective surgery was cancelled from about 1pm. We're not doing anything in theatre that's not life or limb threatening. There will almost certainly be deaths as a result of this

-------

I was working on the wards this morning, currently in the hospital library. Half-tempted to see how the clinical services are coping but I know it'll be chaotic enough already.
SO MUCH is on those computer systems. Appointments, treatment plans, scan results; some hospitals have gone completely computer-based and use it for patient notes & prescriptions.
Unless this is sorted very quickly, there will be patient death and suffering across the country. The people responsible are holding thousands of vulnerable people hostage and should be treated as terrorists.

---------

This is severely affecting service delivery in the major trauma centre I work at. From the simplest thing like viewing a CT scan or blood results, to reading patient notes, even organising safe discharges of patients in the hospital. This is the equivalent of driving a bus up to the hospital doors and barricading the entrances. It is jeopardising the wellbeing of our patients. We are responding by working around the problem - paper notes, hand delivered requests and results, more doctors and nurses working overtime (who already work overtime).

Good luck living with yourselves lads. However much money you get. Edit - although I have just read:

a) It's not specific to the NHS - they are just victims. It is a worm and no conscious decision has been made to attack the NHS. This is just very bad luck. (and piss poor public sector IT)
b) It is spreading through a vulnerability in the Microsoft LAN file sharing protocol.

https://pbs.twimg.com/media/C_omQ0gXkAQkWsT.jpg

Windows 7 PC's are vulnerable apparently.

From the comments, and map on the news, This appears to be English NHS.
NHS Wales must be on a different system.
edit: I don't mean to gloat about being in Wales here!!
Hope they learn to secure data from this.
Don't these big orgs back up their data?
On something like life-critical patient records, this should be a daily task (at least!)

Jeez.

Looks lie a crypto-locker kind of infection.
Spreads like absolute wildfire and will genuinely wipe out all data it gets access to 'unless ransom is paid' - which is absolutely no guarantee/solution anyway.
Possibly unrecoverable on MS Server OS either way.

Major, major f*cked-ness.

If one was cynical and imagined that 'TPTB' UK wanted rid of the NHS. Oh .. here's another big nail.

I've had a couple of clients caught with this type of crypto locker infection over the last couple of years. it's a bastard. all files / photos locked and encrypted.

generally they want about £500 to unlock them. The cases I've assisted meant full format of the hard drive and total data loss rather than risk sending money for nothing and for piece of mind, although some of these 'crooks' I believe do honour the payment.

From the comments, and map on the news, This appears to be English NHS.
NHS Wales must be on a different system.
edit: I don't mean to gloat about being in Wales here!!
Hope they learn to secure data from this.
Don't these big orgs back up their data?
On something like life-critical patient records, this should be a daily task (at least!)

Thank god us folk in Wales haven't had them computer thingy's ,all that electricity was always going to create trouble

Jeez.

Looks lie a crypto-locker kind of infection.
Spreads like absolute wildfire and will genuinely wipe out all data it gets access to 'unless ransom is paid' - which is absolutely no guarantee/solution anyway.
Possibly unrecoverable on MS Server OS either way.

Major, major f*cked-ness.

If one was cynical and imagined that 'TPTB' UK wanted rid of the NHS. Oh .. here's another big nail.
They just said on the news that it's just going to keep spreading until it's worldwide, when I was trying to get rid of that virus before I read loads of stories about people being infected with things since Microsoft installed an update with all their spying settings, I think it was their spying I was actually trying to get rid of all that time, it kept on leaving a connection open so anything could get in, I knew it was not right.

They want payment in bitcoin.
Coincidence that the value of bitcoins went through the roof recently?

They want payment in bitcoin.
Coincidence that the value of bitcoins went through the roof recently?

And the colonel was banging on about liquidising his. :sherlock:

They just said on the news that it's just going to keep spreading until it's worldwide, when I was trying to get rid of that virus before I read loads of stories about people being infected with things since Microsoft installed an update with all their spying settings, I think it was their spying I was actually trying to get rid of all that time, it kept on leaving a connection open so anything could get in, I knew it was not right.

microsoft updates can be treacherous. as a company they have created so much good but can be so bad.

the latest win 10 upgrade (creative edition i think) uses stealth to get people to use the Edge browser, those who still stick with IE have a new tab option that is Edge and it's a fixed feature. The conspiratists will say Edge collects more data, I think it probabbly does.

I've had a couple of clients caught with this type of crypto locker infection over the last couple of years. it's a bastard. all files / photos locked and encrypted.

generally they want about £500 to unlock them. The cases I've assisted meant full format of the hard drive and total data loss rather than risk sending money for nothing and for piece of mind, although some of these 'crooks' I believe do honour the payment.

From memory, on a PC by PC basis! - with time! - it is recoverable , using utils that can restore 'shadow copy' I'm sure I remember a few successes a couple of years back when a version of crypto locker was doing the rounds.
It was hugely time consuming on a PC by PC basis, and as you say - on client/personal machines.
As I recall MS Server OS is not recoverable.
This damage in the NHS will affect any/all of their MS Server machines. Unrecoverable? If so .. feck ..

And the colonel was banging on about liquidising his. :sherlock:

Mate, after having many data-loss troubles in the past you could nuke my PC from orbit and I'd still be able to recover all my essential files from a variety of sources.

is it really a attack though ? ? ?

surely the " Ransomware malware " that has spread in the NHS is just random, yes its got behind the firewall of the NHS, but they are not really being attacked

is it really a attack though ? ? ?

surely the " Ransomware malware " that has spread in the NHS is just random, yes its got behind the firewall of the NHS, but they are not really being attacked

Maybe someone logged onto footymad in their lunch break?

Maybe someone logged onto footymad in their lunch break?

:hehe:

Maybe someone logged onto footymad in their lunch break?

:hehe:

is it really a attack though ? ? ?

surely the " Ransomware malware " that has spread in the NHS is just random, yes its got behind the firewall of the NHS, but they are not really being attacked

??!
Ask the NHS to call Matt - to calm them down.

Maybe someone logged onto footymad in their lunch break?
:hehe:
Fake Nooos.
It is not that bad

??!
Ask the NHS to call Matt - to calm them down.

I m sure you know what i mean

the NHS are not under a specific attack, the attackers did not set out to attack them

I m sure you know what i mean

the NHS are not under a specific attack, the attackers did not set out to attack them

Nope. Don't get what you mean?

Nope. Don't get what you mean?

Look mate, blue matt was best man at the NHS's wedding and the NHS specifically told him that if it ever felt under attack it would call him for assistance immediately so ergo, this is not an attack.

microsoft updates can be treacherous. as a company they have created so much good but can be so bad.

the latest win 10 upgrade (creative edition i think) uses stealth to get people to use the Edge browser, those who still stick with IE have a new tab option that is Edge and it's a fixed feature. The conspiratists will say Edge collects more data, I think it probabbly does.
I nearly destroyed my laptop trying to stop it, I still don't think it's right, haven't done any updates for ages in case they put any more crap in.

Look mate, blue matt was best man at the NHS's wedding and the NHS specifically told him that if it ever felt under attack it would call him for assistance immediately so ergo, this is not an attack.

Oooof! Jeez.. Thanks. :thumbup:
Pheew!

What an absolutely ****ing horrible thing to do and target. I hope the private sector relinqueshes its resources as best it can to help in whatever way it can.

I don't care when they target people for money but to stop and prevent medical care to people is as low as it gets.

I nearly destroyed my laptop trying to stop it, I still don't think it's right, haven't done any updates for ages in case they put any more crap in.

Microsoft have already patched this particular vunerability in a recent update. The NHS trusts haven't updated, so this ransomware has made it in.

It's not a targeted attack on the NHS. They just happen to have lots of machines that haven't had any security updates applied since at least March.

Some previous Crypto Ransomware has been cracked previously by anti virus companies and security types. Hopefully this variant will be cracked as well.

Microsoft have already patched this particular vunerability in a recent update. The NHS trusts haven't updated, so this ransomware has made it in.
I was all up to date when I noticed the problem but had no idea at the time it was the update, I was slagging my son in law off for making some dodgy xbox live connection and blaming him for it all. :hehe:

Oooof! Jeez.. Thanks. :thumbup:
Pheew!

Must be hard going through life being a suck hole? Take my hat off to you.

I was all up to date when I noticed the problem but had no idea at the time it was the update, I was slagging my son in law off for making some dodgy xbox live connection and blaming him for it all. :hehe:

It was more likely to be caused by all your dodgy midget porn than your son's Xbox

It was more likely to be caused by all your dodgy midget porn than your son's Xbox
:hehe: My worst nightmare.

I was all up to date when I noticed the problem but had no idea at the time it was the update, I was slagging my son in law off for making some dodgy xbox live connection and blaming him for it all. :hehe:

You'd have thought she would have learnt from her previous experience of making public accusations about innocent victims which proved to be totally false....:-) Hope you apologized to him, at least....

You'd have thought she would have learnt from her previous experience of making public accusations about innocent victims which proved to be totally false....:-) Hope you apologized to him, at least....
:hehe: I publicly apologized to you and have said it loads of times since, what more do you want? :tongue:

:hehe: I publicly apologized to you and have said it loads of times since, what more do you want? :tongue:

Can I give that a little thought?

I m sure you know what i mean

the NHS are not under a specific attack, the attackers did not set out to attack them
I understand what you're saying Matt.

I understand what you're saying Matt.

:thumbup: cheers

as did the others :wave:

Scotland effected also, Wales and NI both fine

Scotland effected also, Wales and NI both fine
Jimmy Krankie in resistance meeting

They've got 50 primary schools holding reflective foil in the hope it deflects the virus

:thumbup: cheers

as did the others :wave:
Course they did they think it's clever to put you down gang handed.

Weasels.

Can I give that a little thought?
Give it a lot of thought if you like. :biggrin:


:thumbup: cheers

as did the others :wave:
:hehe:

When you think about it, the technological advances made in the past quarter of a century have been gigantic. Those of us old enough to remember what was considered cutting edge back in the early nineties can only shake our heads in wonderment at what's possible now. However, although humans have been responsible for creating the environment in which these amazing leaps forward have been achieved, I can't help thinking that our race is, if anything, regressing as all of the things that are supposed to improve the quality of our lives become taken for granted.

I say that in particular when it comes to things like morality, ordinary decency and ethics. That probably makes me sound like some sort of prude, but, increasingly, I look at some many facets of our existence today and think that the human race took a wrong turning somewhere around the end of the last century. There have always been financially greedy people around, but there's almost a greed is good culture these days which extends into so much of our lives in ways that stretch beyond the corporate and political spheres.

I see some in this thread have said that this cyber attack was not aimed at the NHS. Now, maybe I'm jumping to a wrong conclusion here and I apologise in advance to those involved if I am, but that sounds to me as if they are, if not condoning what happened yesterday, then implying at least that it's not as bad as has been made out.

My view is quite different to that - if there is any evidence that a single person died or will die as a result of how the NHS was effected yesterday, I hope the greedy bastards responsible are charged with murder if they are identified.

When you think about it, the technological advances made in the past quarter of a century have been gigantic. Those of us old enough to remember what was considered cutting edge back in the early nineties can only shake our heads in wonderment at what's possible now. However, although humans have been responsible for creating the environment in which these amazing leaps forward have been achieved, I can't help thinking that our race is, if anything, regressing as all of the things that are supposed to improve the quality of our lives become taken for granted.

I say that in particular when it comes to things like morality, ordinary decency and ethics. That probably makes me sound like some sort of prude, but, increasingly, I look at some many facets of our existence today and think that the human race took a wrong turning somewhere around the end of the last century. There have always been financially greedy people around, but there's almost a greed is good culture these days which extends into so much of our lives in ways that stretch beyond the corporate and political spheres.

I see some in this thread have said that this cyber attack was not aimed at the NHS. Now, maybe I'm jumping to a wrong conclusion here and I apologise in advance to those involved if I am, but that sounds to me as if they are, if not condoning what happened yesterday, then implying at least that it's not as bad as has been made out.

My view is quite different to that - if there is any evidence that a single person died or will die as a result of how the NHS was effected yesterday, I hope the greedy bastards responsible are charged with murder if they are identified.

Hear hear

:thumbup: cheers

as did the others :wave:

You said:
"the NHS are not under a specific attack, the attackers did not set out to attack them"

Made no sense at the time. Makes a bit more sense now that the story has evolved ;)

When you think about it, the technological advances made in the past quarter of a century have been gigantic. Those of us old enough to remember what was considered cutting edge back in the early nineties can only shake our heads in wonderment at what's possible now. However, although humans have been responsible for creating the environment in which these amazing leaps forward have been achieved, I can't help thinking that our race is, if anything, regressing as all of the things that are supposed to improve the quality of our lives become taken for granted.

I say that in particular when it comes to things like morality, ordinary decency and ethics. That probably makes me sound like some sort of prude, but, increasingly, I look at some many facets of our existence today and think that the human race took a wrong turning somewhere around the end of the last century. There have always been financially greedy people around, but there's almost a greed is good culture these days which extends into so much of our lives in ways that stretch beyond the corporate and political spheres.

I see some in this thread have said that this cyber attack was not aimed at the NHS. Now, maybe I'm jumping to a wrong conclusion here and I apologise in advance to those involved if I am, but that sounds to me as if they are, if not condoning what happened yesterday, then implying at least that it's not as bad as has been made out.

My view is quite different to that - if there is any evidence that a single person died or will die as a result of how the NHS was effected yesterday, I hope the greedy bastards responsible are charged with murder if they are identified.

I think Blue Matt is correct. The NHS got "unlucky". But me saying that isn't implying it's any less serious.

The UK Government states, categorically, that it will pay no ransoms for victims of kidnap. The same policy should apply here, so it's up to the IT Crowd to fix it. I'm sure they can, if their network is being replicated and backed up.

However, once back up, the fallout will be a scam of internet sites visited by employees using NHS hardware. Any abuses are likely to be dealt with severely - even if they were not the cause of this incident.

You said:
"the NHS are not under a specific attack, the attackers did not set out to attack them"

Made no sense at the time. Makes a bit more sense now that the story has evolved ;)
I thought it made perfect sense at the time.

You said:
"the NHS are not under a specific attack, the attackers did not set out to attack them"

Made no sense at the time. Makes a bit more sense now that the story has evolved ;)

The story had evolved long before Matts comment. Give the guy a break ffs,

I've just smashed my computer up to be sure I don't get infected.

Microsoft have released a patch that will close off this weakness in XP

The story had evolved long before Matts comment. Give the guy a break ffs,

feck me ! Behavioral advice from Polo :facepalm: :hehe:

Yeah sure I can do that. I know when I'm in the wrong and happy to admit it when I am - as Matt knows.

Perhaps you, Tandy and 'Kris' (sadly, still little better than a grudge-bearing pedant!) could chug on a bit of self-awareness and humility now and again :thumbup:

feck me ! Behavioral advice from Polo :facepalm: :hehe:

Yeah sure I can do that. I know when I'm in the wrong and happy to admit it when I am - as Matt knows.

Perhaps you, Tandy and 'Kris' (sadly, still little better than a grudge-bearing pedant!) could chug on a bit of self-awareness and humility now and again :thumbup:

Will try my best

http://www.mirror.co.uk/news/uk-news/tories-cut-security-support-outdated-10413160

"decided not to extend a £5.5million one-year support deal with Microsoft for Windows XP. "

XP .. :ohwell:

There's no money for anything in the NHS nor Local Gov't.
Not going to get any better during the Brexit negotiation period either.
And after Brexit - none of us can know - yet.

'Kris' (sadly, still little better than a grudge-bearing pedant!)

:facepalm:

https://amp.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

"decided not to extend a £5.5million one-year support deal with Microsoft for Windows XP. "

XP .. :ohwell:

There's no money for anything in the NHS nor Local Gov't.
Not going to get any better during the Brexit negotiation period either.
And after Brexit - none of us can know - yet.

I agree. We can't blame the Government directly, but it's happened on their watch that the NHS took a risk because it had to.

Remember, under the snooper's charter, organisations such as this will have access to all sorts of data. Apparently, this data will be stored securely. I'm confident.

https://amp.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

What happens if the source code is changed to look at a new URL?

I agree. We can't blame the Government directly, but it's happened on their watch that the NHS took a risk because it had to.

Remember, under the snooper's charter, organisations such as this will have access to all sorts of data. Apparently, this data will be stored securely. I'm confident.

Indeed.

Having said all that, I've been involved in Windows OS upgrade rollouts I can understand that there are other reasons, but it all comes down to cost in the end.

The trouble is - old programs and systems that are still in use and relied on - but with no upgrade path - and which may simply not work with newer versions of Windows, or Office or 64bit OS et etc.
There is little point in rolling out any Windows OS other than 10 because the same pain will happen again when end of support occurs
There may dozens of these old apps that make the OS upgrade an almost unthinkable task, and of course while that happens the aging OS (XP in this case) becomes increasingly more vulnerable.
It needs money - money and time for developers to find a solution to the aging programs and money, time and effort for a massive, orchestrated OS roll out.

They really should have paid for the extended support for XP, even though it seems ridiculous.
And now they will likely be be forced to roll out an OS upgrade rollout too quickly, underfunded 9as not budgeted for) and under huge pressure. And thus feck it up.

As will other Organisations who have been chancing it because 'its all a bit to difficult/costly', and who now cannot risk chancing it any longer.

All down to money, and too little of it where it is needed.

No one yet knows who is responsible - doubtful we will ever know for sure - and as per all cyber attacks it could be a number of people / criminal gangs.

Bob - malware is a script written by someone to exploit weaknesses in certain operating systems , the Malware doesnt know what the organisation is, it could be your company's server and PCs - it could be a childrens school. It just looks for weaknesses - then delivers the payload - and then waits for money to be transferred to bank account, often Northern Cyprus or such unregulated areas - or bitcoin.

The method of delivery could be anything from infected usb sticks - that run a script automatically when plugged in. They could have been given away for free by someone at an exhibition or it could be spread via email.

Malware is a cat and mouse game - when the mouse is caught a new mouse appears somewhere else - unfortunately

Yes, I'm aware what malware is, but anyone who uses it as a means of making money for themselves must be aware that there could be consequences that spring from their actions. If people end up dying because of yesterday who would otherwise be alive, then the book should be thrown at those responsible - although, as you say, I wonder if we'll ever find out who it was.

"decided not to extend a £5.5million one-year support deal with Microsoft for Windows XP. "

XP .. :ohwell:

There's no money for anything in the NHS nor Local Gov't.
Not going to get any better during the Brexit negotiation period either.
And after Brexit - none of us can know - yet.

I'm biased I know, but it seemed to me that all Amber Rudd was interested in doing in the radio interview I heard this morning was deflect attention away from the Government.

Yes, I'm aware what malware is, but anyone who uses it as a means of making money for themselves must be aware that there could be consequences that spring from their actions. If people end up dying because of yesterday who would otherwise be alive, then the book should be thrown at those responsible - although, as you say, I wonder if we'll ever find out who it was.

Given the nature of the crime, perhaps they should throw a notebook...

I'm biased I know, but it seemed to me that all Amber Rudd was interested in doing in the radio interview I heard this morning was deflect attention away from the Government.

A month or so ago, when she was doing her necessary hashtags thing, she was calling for backdoors built-in to software to stop terrorism. This is the type of thing that happens when there are backdoors.

Can anyone really say its worth it?

Good luck with tracing down some anonymous gang in North Cyprus or the Cayman Islands etc.

Hopefully this is a wake up call for the individual health boards to cyber sec a bit more seriously. They have access to free IT cyber advice from the Govt, as well as an almost endless supply of resource for this.

in 2013 the Govt placed Cyber crime as a tier 1 threat - which is basically on the level as nuclear war, national security secrets, terror attacks etc.

:sherlock:

1482
Private eye from back in 2014.
This was predictable.

Good luck with tracing down some anonymous gang in North Cyprus or the Cayman Islands etc.

Hopefully this is a wake up call for the individual health boards to cyber sec a bit more seriously. They have access to free IT cyber advice from the Govt, as well as an almost endless supply of resource for this.

in 2013 the Govt placed Cyber crime as a tier 1 threat - which is basically on the level as nuclear war, national security secrets, terror attacks etc.

An over-arching IT overhaul takes Money. It really does.
Is there any?
As far as we know - no - there is not.

Governments will bail out Banks - they 'cannot be allowed to fail'.
But the NHS?
Will the Gov't - or prospective Gov't - offer to fund an IT overhaul of the NHS (or any other vital but underfunded National services )?