x404.co.uk
http://www.x404.co.uk/forum/

NHS Cyber Attack
http://www.x404.co.uk/forum/viewtopic.php?f=19&t=26249		 Page 1 of 2
Author:  cloaked_wolf [ Fri May 12, 2017 8:22 pm ]
Post subject:  NHS Cyber Attack
http://www.bbc.co.uk/news/health-39899646
Author:  timark_uk [ Fri May 12, 2017 8:23 pm ]
Post subject:  Re: NHS Cyber Attack
It isn't just the NHS, it is a global ransomware attack.
Still pretty bad, but not just targeting the NHS.

Mark
Author:  jonbwfc [ Sat May 13, 2017 10:58 pm ]
Post subject:  Re: NHS Cyber Attack
I feel honour bound to point out that about two years ago the NHS made a massive chunk of their in-house IT staff redundant and handed most of their 'back end' IT over to Centrica.


Jonathan
Author:  pcernie [ Sat May 13, 2017 11:22 pm ]
Post subject:  Re: NHS Cyber Attack
Microsoft sends out a Windows XP patch to block new ransomware | TechRadar
http://www.techradar.com/news/microsoft ... ransomware

Is network security the real problem here, for it to spread the way it did? I find it unlikely that it got in through XP globally... oh, I dunno, it just doesn't feel right!
Author:  big_D [ Sun May 14, 2017 7:27 am ]
Post subject:  Re: NHS Cyber Attack
The problem is, it is spread through SMB, which means any PC on a local network, that hadn't been patched, could be infected. The initial infection might run over a phishing email or an infected website (or on a PC that was on an open network and didn't have SMB deactivated, shouldn't be the case since XP SP2, but idiots will be idiots).

Once one PC is infected, it just needs to search for all other PCs on the local network that haven't been patched and it can infect them, because SMB is the protocol used on local networks for transferring files between PCs and between servers - well, on more modern PCs, you will probably use CIFS, but SMB is still active for legacy connections.
Author:  cloaked_wolf [ Sun May 14, 2017 3:15 pm ]
Post subject:  Re: NHS Cyber Attack
I've since read a bit more and it seems to be a worldwide problem. One of the big issues is that older medical software designed to run on XP won't necessarily run on anything newer.

It was I think only last year that we were upgraded to Windows 7. Prior to that, we ran XP. We were issued smartcards about a year or so before the upgrades. The software to activate the smartcards, change passwords and user profiles etc would only work with IE6. If you let IE update itself to the latest version (which everyone did), then the smartcards wouldn't work. I ended up installing Firefox on every computer so staff could access the internet/intranet, leaving IE at version 6.

Obviously since then, they'd fixed the issue and we're all on Windows 7.
One of the servers is on the latest Windows version. The other is still on 2003. I just shut everything down as soon as I was aware of the issue.
Author:  TheFrenchun [ Sun May 14, 2017 3:37 pm ]
Post subject:  Re: NHS Cyber Attack
cloaked_wolf wrote:
I've since read a bit more and it seems to be a worldwide problem. One of the big issues is that older medical software designed to run on XP won't necessarily run on anything newer.

It was I think only last year that we were upgraded to Windows 7. Prior to that, we ran XP. We were issued smartcards about a year or so before the upgrades. The software to activate the smartcards, change passwords and user profiles etc would only work with IE6. If you let IE update itself to the latest version (which everyone did), then the smartcards wouldn't work. I ended up installing Firefox on every computer so staff could access the internet/intranet, leaving IE at version 6.

Obviously since then, they'd fixed the issue and we're all on Windows 7.
One of the servers is on the latest Windows version. The other is still on 2003. I just shut everything down as soon as I was aware of the issue.

I run a lot of my software at work on an XP virtual machine. It's clanky but may be more secure?
Author:  jonbwfc [ Sun May 14, 2017 5:16 pm ]
Post subject:  Re: NHS Cyber Attack
TheFrenchun wrote:
I run a lot of my software at work on an XP virtual machine. It's clanky but may be more secure?

Depends when it was last snapshotted really doesn' it? Also, even if your VM being infected may not cause much trouble of itself, if the VM has network access it can stil propogate the problem to other computers.
Author:  big_D [ Mon May 15, 2017 6:56 am ]
Post subject:  Re: NHS Cyber Attack
Exactly Jon. If it is XP, then it shouldn't have any network access these days, end of story.
Author:  cloaked_wolf [ Mon May 15, 2017 8:39 am ]
Post subject:  Re: NHS Cyber Attack
Well so far looks okay at work this morning. However, one of the servers is Windows 2003. It's not directly connected to the internet but it is connected to the rest of the network (by the looks of things, through another server).
Author:  paulzolo [ Mon May 15, 2017 11:50 am ]
Post subject:  Re: NHS Cyber Attack
This is an odd one - they talk about Windows XP, Windows 7 and 8 being affected, but not Vista. Isn]t Vista between XP and 7, and would also be a potential target? Not even Microsoft mentioned it in their patch notes.
Author:  davrosG5 [ Mon May 15, 2017 2:44 pm ]
Post subject:  Re: NHS Cyber Attack
paulzolo wrote:
This is an odd one - they talk about Windows XP, Windows 7 and 8 being affected, but not Vista. Isn]t Vista between XP and 7, and would also be a potential target? Not even Microsoft mentioned it in their patch notes.

I would assume Vista is indeed as vulnerable as the others but in terms of uptake its usage now must be pretty minuscule unlike the more popular iterations (although calling 8 popular is a bit of a stretch I guess). It's possible that the threat surface from Vista is so small that it wasn't worth the effort. Alternatively, maybe they did release a patch on the quiet but are sticking to the 'Don't Mention Vista' mentality to try and make people forget it was ever a thing - I expect 8 to end up going that way eventually as well.
Author:  l3v1ck [ Mon May 15, 2017 3:24 pm ]
Post subject:  Re: NHS Cyber Attack
Indeed. Windows 8 was the first version since 3.1.1 (the oldest version I'vve used) that I didn't like at all.
Having said that I don't think I ever used Vista. I never had it and work went from XP to 7.
Author:  davrosG5 [ Mon May 15, 2017 4:21 pm ]
Post subject:  Re: NHS Cyber Attack
l3v1ck wrote:
Indeed. Windows 8 was the first version since 3.1.1 (the oldest version I'vve used) that I didn't like at all.
Having said that I don't think I ever used Vista. I never had it and work went from XP to 7.

The sad thing is that Vista and 7 actually share much of the same underpinning but they just made a complete hash of a couple of things in Vista that made it a massive pain to use.
UAC was overly keen to pop up and IIRC the indexing system just seemed to thrash away almost constantly which really didn't help performance much.
Author:  big_D [ Tue May 16, 2017 7:23 am ]
Post subject:  Re: NHS Cyber Attack
Vista was never really accepted by businesses and they stayed on XP until 7 came long (in fact many businesses moved from XP to Windows 7 long after 7 moved out of mainstream support and had been superceded by 8 and 10).

There are very low numbers of users and it was generally reviled (I found it a huge step forward, compared to XP, but i was in the minority).

It implemented UAC controls to ask for permission to do administration tasks, just like Mac OS X, Linus or UNIX, but Windows users weren't used to being asked for permission to install software. Plus, there was so much poorly written software that needed Administrator privileges, that the application complained and asked for the administrator password every time the it was started.

This extra, in fact, industry standard, security gave Vista a bad name, so MS had to weaken that aspect of security, when it released Windows 7.
Page 1 of 2 All times are UTC
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/