Hospital computers across England shut down by cyberattack

Seems like more reasons to have medical records at the very least on the blockchain, then we'd have the BACKUPS that these PEOPLE are NOT doing...

I don't understand it, ALL the ransomware attacks can be rendered USELESS if only these companies would have backups DAILY that were stored OFFLINE!

It's not hard to do, I do this already with things that matter to me, like Family Pics n videos and music.

If the hospitals had their data backups on offline storage mediums, when a ransomware attack happens, they can just reinstall their OS and use the backups, if not just restore from a Master Image.

Backups, backups, backups! You really can't have enuff, but when you are backing up day after day, you're protecting yourself that much more. Many companies view backups daily as too costly, but it's really such an important issue I can easily see the public SUING companies for lack of cybersecurity and forethought. It's not hard to hire someone who's SOLE job is to backup the companies data daily and keeping it onsite OFFLINE! Since ransomware can and will target ALL attached devices, servers, drives and files, so unless you really did HIDE your backup well, it's not going to work if it's online.

Someday...

Having spent most of the day cleaning this ransomware from computers in a company related to the company where I work, I can say several things:
- no Internet needed, at least to activate it. In my case we had five computers infected, none of them has Internet connection. Four other computers that are constantly connected to the Internet were not affected. All the computers have Windows 7, except one, that has Windows XP and that, although affected (he got a blue screen) didn't got the ransomware installed;
- it's not an attack directed at the UK's NHS, as it happened in many countries;
- it doesn't look like an exploit of that fault published in March, as one of the affected computers is older than the technology affected;
- it's not that hard to remove, but the encrypted files should be considered lost, unless you have backups;

Well this is sounding severe

....experiencing problem with our windows based systems ....

that'll be the computers then .

Er, with the

A massive ransomware campaign appears to have infected a number of organisations around the world. Computers in thousands of locations have apparently been locked by a program that demands $300 (£230) in Bitcoin. There have been reports of infections in more than 70 countries, including the UK, US, China, Russia, Spain, Italy and Taiwan. Many security researchers are linking the incidents together.

North Koreans?

originally posted by: ArMaP

- it doesn't look like an exploit of that fault published in March, as one of the affected computers is older than the technology affected;

*eyelids narrowing*

a reply to: Tranceopticalinclined
You caused me to have a flashback. I remembered way back before most companies started using computers; there was a time and it really was not that long ago, it was part of my job to back up the computers every night after the end of the day. We backed up to a different disk for each day of the week.

I can only remember twice that we had to use the back-ups. The glitch was caused by a power outage that screwed up the system. When I started my own business I learned the hard way about the necessity of backups and a good UPS unit.

There is a lot more data to back-up today and the systems are a lot more complex, but I would think that critical data may need to be backed-up off line.

So because Trump is President he can blow $80M on a half-assed attack on a Syrian airbase to show the world how big his Johnson is. Well, we're the taxpayers. We're the ones that paid for his $80M fireworks show to impress his Russian boyfriend. Why can't we decide where to target our cruise missiles? How about locating these hackers and drop one on them? Or Rachel (and friends) from card services. Or Canadian Pharmacy.

Statement from Dr Anne Rainsberry, NHS Incident Director “We’d like to reassure patients that if they need the NHS and it’s an emergency that they should visit A&E or access emergency services in the same way as they normally would and staff will ensure they get the care they need. NHS Digital is investigating the incident and across the NHS we have tried and tested contingency plans to ensure we are able to keep the NHS open for business.”

originally posted by: ArMaP
- it doesn't look like an exploit of that fault published in March, as one of the affected computers is older than the technology affected;

I'm quoting myself because I think I may have been thinking about the wrong exploit.

It looks like this ransomware uses an exploit of a fault in Windows SMB Server, while I was thinking about the fault in Intel chipsets.

But, having said that, I don't know if that Windows SMB fault affects Windows XP or not, as I didn't see it listed on the "affected software" list, but that may be because of lack of support for XP.

a reply to: ArMaP

It does affect XP but unlike the more recent OS, there's no fix for XP because they retired it in 2014 and stopped support, so it's open to all kinds of vulnerabilities which is a shame as it was one of the best OS Microsoft made, I'd still be using it today probably if it supported 64bit.

The market is interesting

Still 7% globally who use XP, that's a lot of vulnerable systems not just vulnerable to this ransomware but other exploits too

So I have done some reading in the WannaCry ransomware.
Bad security practices will lead to your demise..

It uses an exploit found in SMBv2 and a patch for ms office needs to be installed to close up the vulnerability.
The update has been out for a while..

Please check under 'advanced options' in the 'update' section of win10 and make sure 'give me updates for other microsoft products' has been ticked - I suspect this is why so many systems are out of date.

You have the NSA to thank for WannaCry.
Thank you 'Merica

a reply to: ArMaP
I don't think xp supports SMBv2.
So most probably not a target for this one, but already a target for soooo much other malware/ransomware.

a reply to: ArMaP
this could also be a private exploit that got sold to the one that is now using it for his purposes. Highly hypothetical of course.

a reply to: Discotech

XP is still widely used in industrial applications, mostly the ones that were homebrew in-house and work/do the job reliable. Never change a running system. Hell, even some money vendor machines still run a modified XP. Although, unix/linux is most common by far, when it comes to commerial end user products, such as PLCs, network gear, all kinds of stuff.

Btw, correct me if it was not 100% 64bit compatible but there was, and I used it: Windows XP x64.

originally posted by: verschickter
XP is still widely used in industrial applications, mostly the ones that were homebrew in-house and work/do the job reliable.

I think the TV box (or whatever they call it) Vodafone installed at my home uses Windows, but I don't know what version.

Btw, correct me if it was not 100% 64bit compatible but there was, and I used it: Windows XP x64.

It was, and that was why it was so hard to find drivers for it.

If I'm not mistaken it used the same base code as Windows Server 2003.

a reply to: verschickter

I meant if my version supported 64bit, sadly I only had the x86 version and by the time it came for me upgrade the pc and move on from a measly 4gig of Ram in x86 I had access to Microsofts dreamspark so snagged myself a free copy of win 7 Pro because, why not