NHS, IT & Ransomware

Discussion in 'Taylor's Tittle-Tattle - General Banter' started by Bwood_Horn, May 16, 2017.

  1. Bwood_Horn

    Bwood_Horn Squad Player

    I was going to stick this in one of the party political threads but I felt it was in the wrong place (although there was a discussion about the NHS & IT). A while ago, Private Eye's podcast did look, briefly, at the last "big" public/sector (NHS) IT fiasco (be warned it's full of quite a few "WTF" moments):

    http://www.private-eye.co.uk/eyeplayer/play-313

    Something that I heard on R4 this morning was that the current piece of ransomware hasn't been spread by spam/email but is a vulnerability in the Windows operating system. [SMUG-LINUX-USER] Is that right?[/SMUG_LINUX-USER]
     
  2. Diamond

    Diamond Squad Player

    Yes, it's a hole in Windows. Now patched apparently. My own IT department are doing the usual closing of stable doors and appear to have got away with it this time. To be safe I've backed up my own department's files and put them well off the network.
     
  3. sydney_horn

    sydney_horn Reservist

    What gets me is how the NHS and other organisations are blamed for this rather than the focus being on the scum that perpetrated the crime. This is no different from someone going into a hospital, taking vital equipment and then demanding the NHS to pay for it to be given back.

    Even though they didn't pay, the NHS and other organisations have to pay millions annually just to keep their IT systems safe. That money could be used for patient care.

    It's about time that cyber crime be treated in the same way as armed robbery. At the moment 'hackers' are portrayed as some kind of genius heroes putting one over the man. The truth is that most are kids using very basic code and apps freely available, if you know where to look, that exploit vulnerabilities in system software. The recent developments in state organised cyber crime and the increased involvement of organised crime is more worrying.

    It needs a world wide approach but it would be a great start if this country led the way by making it a mandatory life sentence for any person convicted of unauthorised access to or deliberately disrupting a computer system.

    Until there is a proper deterrent this problem is going to grow, especially amongst a certain part of the youth culture that see it as cool.
     
    K9 Hornet, zztop and oxhey67 like this.
  4. Bwood_Horn

    Bwood_Horn Squad Player

    TBF, the only blaming was being made by Amber Rudd for the early part of the news cycle when the ransomware was first announced. I'm certain she received some strong advice to "...shut up..." from someone higher up in the party.
     
  5. jw-

    jw- Reservist

    It wasn't just a case of running Windows, but running versions of Windows that Microsoft no longer support.
     
  6. jw-

    jw- Reservist

    I think this is outdated thinking in the current age. IT is a vital part of patient care, and as a result so is security. Keeping hospitals and equipment clean is part of patient care. Keeping computer systems that deliver services safe and up-to-date is also part of patient care.
     
  7. Diamond

    Diamond Squad Player

    There was a rumour that this is due to Windows XP computers being used extensively in the NHS, then yesterday I heard that this ransomware doesn't run on XP.
     
  8. KelsoOrn

    KelsoOrn Squad Player

    Very fair but a bit draconian? Surely a distinction needs to be made between a clever young hacker simply gaining access and organised criminals doing it for the purposes of extortion.

    Maybe it would be best to give all the 'clever young hackers' proper, well-paid jobs in IT security?
     
  9. Arakel

    Arakel First Team

    Few things on this:

    1. Many of the exploited PCs were running outdated versions of Windows that no longer receive security patches. This is down to pants-on-head stupidity by businesses refusing to phase out unsupported OSes. If you voluntarily continue to run an unsupported OS in your enterprise environment AND let it remain internet/network enabled, you're an utter imbecile.

    2. A security patch was released for this vulnerability at least two Microsoft patch cycles ago. Any enterprise following industry standard best practices (i.e. install Microsoft security patches borderline immediately) would have been protected from this outbreak. Being behind on security by multiple patch cycles is incredibly risky.

    3. Linux/Mac smugness is misplaced. Linux has issues to mitigate, just like Windows. I know this because I've been responsible for mitigating the results of security audits in the past. I've lost count of the number of attack vectors I've closed on Linux appliances and OSes. ALL operating systems can be (and have been) compromised. Anyone who thinks otherwise is deluding themselves.

    4. The source of the ransomware breakout in this case is called "EternalBlue". It's an exploit stemming from an NSA tool that back-doors into Windows. Those who remember the thread about end-to-end encryption a few weeks back might recall many of the less tech savvy denizens of this board pooh-poohing the risk of government overrides and back-doors built into otherwise secured devices. Well, here is a perfect example of why it's a bloody stupid thing to facilitate.
     
    Bwood_Horn likes this.
  10. hornmeister

    hornmeister Administrator Staff Member

    Thanks, an interesting read.
    Regarding point 1, many people have had to not upgrade their systems because they rely on programs not compatible with newer ones. I for example still have a Windows 95 machine which runs an excellent little drawing package I can't for the life of me get to run on anything higher than XP.

    It is however not on the net of course.
     
  11. Bwood_Horn

    Bwood_Horn Squad Player

    I haven't bothered to "tinker" with my linux systems for ages so you're right I have become a bit complacent. But, I'm assuming the issues you were talking about were at the server level (Apache?) not on anyone's personal device?

    I have the linux "anti-virus" installed on all of my devices (ClamTK) since I moved to linux in 2012 and so far it's just sat there (of course it hasn't - it's been doing its job).

    I'd forgotten just how powerful (and frightening) linux can be as, after reading that link I'd posted, by installing the anti-root kit apt (suite of programs) rkhunter - I've just spent the last 25 minutes trying to work out what the major errors were on my PC - it turns out rkhunter detected the installation and update of "rkhunter" and wasn't "happy" about it.
     
  12. Arakel

    Arakel First Team

    The bolded part is, of course, the really important bit. ;)

    My recommendation to an employer for situations like this is just to replace the app with something more modern, but disconnecting the machine from the network is imperative if that's deemed not an option.

    Both, although my focus is obviously on Linux server technologies. The golden rule to remember is that nothing is impenetrable. Some apps and OSes can achieve security through obscurity, but that doesn't mean someone trying to break them can't do so. It just means that exploiters are spending their time elsewhere.

    MacOS and Linux have gained a mythical reputation for being "safe" from security flaws and vulnerabilities. They're really not. Check out Ubuntu's page on recent security updates, for example:

    https://www.ubuntu.com/usn/

    Windows' disadvantage simply stems from the fact it's the top dog and has the lion's share of effort directed against it. White hat hacking competitions frequently highlight the vulnerability of each and every system, and often the apps or OSes that fall first aren't the ones you'd expect to.
     
    Bwood_Horn and hornmeister like this.
  13. Bwood_Horn

    Bwood_Horn Squad Player

    Well today's fishal umbongo update contained a large number (6) of "Anti-virus" 'things'. I *think* it's the first time I've ever seen these (I've been a user since 2004).
     
  14. hornmeister

    hornmeister Administrator Staff Member

    Are you in the Congo?
     
  15. Bwood_Horn

    Bwood_Horn Squad Player

    Hoddly henuff "Vimto" was a very popular drink there...
     
  16. Bwood_Horn

    Bwood_Horn Squad Player

    Incidentally - this morning's umbongo update contained an installation of 'mono' which I've seen is a free and open-source implementation of Microsoft’s .NET framework (which I thought was pretty much Linux anyway?). I know the next 'big' version of umbongo (20.04 LTS) is due to be rolled-out to existing users 'in July' so moving to 'mono' is part of that?

    It'll be interesting to see whether umbongo finally gets to the "...you need to know nothing about computers to use this..." levels of operability of a Mac without the apple's famous "...we don't want you to do that..." - the faff that was installing GIMP on a colleague's Mac...
     
    Diamond likes this.
  17. hornmeister

    hornmeister Administrator Staff Member

    I supported Macs and PCs professionally for 10 years. Macs are beautiful when they work if you can afford them. When they go **** up (which is rarer than PCs) or if you want to do something slightly out of the ordinary it's painful. Also Apple support is woeful and I'm not smug enough or rich enough to be an owner.

    I've considered dabbling with Linux, but in my Uni days I lived with 2 computer scientists (which was fun) and the amount of hammering code into command lines and hassle they went through just to do simple tasks put me off. My NAS drive runs on Linux but that has a nice graphical interface I can access through my browser and that's fine for me. Windows 10 seems to work well.

    Edit. Just checked and I bought the PC I'm currently using 8 years ago. OK it was a bit of a beast back then but it's still ripping along nicely.
     
    Last edited: Jun 30, 2020
  18. Bwood_Horn

    Bwood_Horn Squad Player

    Using the command line/hammering code is there if you want it. There's little point unless you really, really feel the need - getting into linux I imagine is the same as getting into cars - you can tinker with it in your every waking hour, squeezing every single drop of power you can get out of your system or you can just use the bloody thing. The last LTS (2018) release of umbongo was almost at paid-for software levels of user friendliness and something else the vast majority of worshippers of the penguin did then was move from umbongo to 'Mint' (at the same time all of the linux releases moved to the GNOME type interfaces).


    My son has a new i5 system running W10 (Xmas present). I have a 1st gen i5 system that was used for a lab's 'image analysis' for a 'while' (until its graphics card began 'to struggle' which led to a HDD fault) and was scrapped - I've had it 5 years and it's still more than holding its own. I have state of the art DTP package (LibreOffice), Stats package (R studio), video encoder (Handbrake), media server (plex), photo editor (GIMP), video editor (OpenShot), music editor (Audacity) and a multitrack guitar tablature editor and player (Tux guitar) that have cost me £0. I've been told that the torrenting speeds using transmission are 'gobsmacking'. Yet I still have nothing as simple and easy to use as 'chkdsk' on ubuntu.
     
