Author Topic: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)  (Read 694 times)

lankou

  • Charter Member
  • Hero Member
  • *****
  • Posts: 2678
http://www.bbc.co.uk/news/health-39899646

NHS England hit by 'cyber-attack'

9 minutes ago

 From the section Health

NHS services across England have been hit by IT failure, believed to be caused by a large-scale cyber-attack.

Trusts and hospitals in London, Blackburn, Nottingham, Cumbria and Hertfordshire have been affected.

Some GP surgeries have had to shut down phone and IT systems while A&Es have told people not to attend unless it's a real emergency.

NHS England says it is aware of the issue and is looking into it.

Software called ransomware is thought to be behind the cyber-attack.




Among those affected is the East and North Hertfordshire NHS Trust which says it is experiencing problems with computers and phone systems.

It has postponed all non-urgent activity and is asking people not to come to A&E at the Lister Hospital in Stevenage.

IT specialists are working to resolve the problem as quickly as possible, a statement from the trust says.

Also affected is Derbyshire Community Health Services NHS Trust which says it has shut down all of its IT systems following a "secure system attack".

A GP from a surgery in York said: "We received a call from York CCG [Clinical Commissioning Group] around an hour ago telling us to switch off all of our computers immediately.

"We have since remained open, and are dealing with things that can be dealt with in the meanwhile."

Meanwhile, Blackpool Hospitals NHS Trust has asked people not to attend A&E unless it was an emergency because of computer issues.

But the NHS in Wales said it had a separate IT system and had not been affected by the cyber-attack.


Analysis: Chris Baraniuk, technology reporter

Software that locks a computer and demands payment before allowing access again - ransomware - is one of the world's biggest growing cyber-threats.

It certainly looks like that is what has hit the NHS in this case - and one IT firm says 11 of its NHS customers have been affected.

Screenshots shared online, purportedly from NHS staff, show a program demanding $300 (£230) in Bitcoin that looks similar to ransomware known as WannaCryptor or WCry.

 

AndMac

  • Charter Member
  • Hero Member
  • *****
  • Posts: 741
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #1 on: May 12, 2017, 06:01:20 PM »
Copied from the BBC News website:
Services affected so far
Posted at 17:13

Here is a list of the hospitals that we know are affected:

    Watford General
    Southport
    Blackpool Hospitals

    Lister Hospital,  Stevenage
    East & North Hertfordshire
    Leicester
    Northwick Park, north west London
    Lincoln County Hospital
    St. Bartholomew and Royal London
    Aintree Hospital, Liverpool
    Colchester General Hospital
    Norfolk and Norwich University Hospital
    Broomfield Hospital, Essex
    Queen's Hospital, Burton
    Royal Stoke University Hospital, Staffordshire
    Royal Berkshire Hospital

We'll keep it updated as we get more information
"I might repeat to myself slowly and soothingly, a list of quotations beautiful from minds profound - if I can remember any of the damn things".

Dorothy Parker

SunshineMeadows

  • Administrator
  • Super Hero Member
  • *****
  • Posts: 7476
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #2 on: May 12, 2017, 06:03:58 PM »
This is awful and weird because it was recently a storyline on a tv show about a hospital Chicago Hospital . My impression is that the ransomware stops files being accessed it does not allow them to be edited.

I cant help thinking some good might come out of this in that the Government is getting a wake up call about what happens when IT services go down.
 >bighugs< >bighugs< >bighugs< to all.

JLR2

  • Hero Member
  • *****
  • Posts: 1515
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #3 on: May 12, 2017, 06:07:30 PM »
I can't help but wonder what would happen were this attack to have been targeted on the DWP, Atos or Maximus. The damage and serious effects on welfare benefit claimants would be incredible, could it be that the DWP would ignore the ransom demand and call on every claimant to resubmit their claim from scratch?

lankou

  • Charter Member
  • Hero Member
  • *****
  • Posts: 2678
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #4 on: May 12, 2017, 07:33:45 PM »
I can't help but wonder what would happen were this attack to have been targeted on the DWP, Atos or Maximus. The damage and serious effects on welfare benefit claimants would be incredible, could it be that the DWP would ignore the ransom demand and call on every claimant to resubmit their claim from scratch?

Many NHS computer systems are maintained by ATOS.

SteveX

  • Hero Member
  • *****
  • Posts: 1168
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #5 on: May 12, 2017, 08:13:37 PM »
Quite frankly I've been expecting this kind of thing for a while now, amazingly a HUGE number of Hospitals and Doctors surgerys use Windows XP still, Microsoft has stopped supporting this and thus no new security updates and patches are out for the system.

This is another example of the tories cutting costs, the systems should have been upgraded several years ago, this was an accident waiting to happen.   I mean come on.. XP??  words fail me sometimes.. 
Member of POMMAS

JLR2

  • Hero Member
  • *****
  • Posts: 1515
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #6 on: May 12, 2017, 09:10:36 PM »
I don't know if I really will chuckle too loud but should the day arrive, following the UK government renewing Trident, that the government find a similar attack has been carried out on the Trident IT systems what will they do?  After all we have heard of folk hacking the Pentagon and the like haven't we.

KizzyKazaer

  • Global Moderator
  • Super Hero Member
  • *****
  • Posts: 7985
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #7 on: May 12, 2017, 09:26:53 PM »
Whoever was responsible, what a mean-spirited and shitty thing to do, attacking a public service which by nature deals with people in need.

And I agree that the IT systems should have been maintained properly to help prevent this type of hit, you have to have security updated or it doesn't work  >doh<

Rosie

  • Charter Member
  • Hero Member
  • *****
  • Posts: 727
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #8 on: May 12, 2017, 09:56:22 PM »
It is not just the NHS - apparently over 70 countries are affected.

http://www.bbc.com/news/technology-39901382
Save the world - it's the only planet with chocolate

oldtone27

  • Charter Member
  • Hero Member
  • *****
  • Posts: 2601
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #9 on: May 13, 2017, 10:55:18 AM »
I don't think the problem is primarily due to cuts. The problem for any large organisation is the cost in time and disruption in updating older equipment and operating systems.

Much of the tasks the computers in such organisations are required to do are pretty mundane, emails, reading and writing data to servers, day to day correspondence. Nothing which quite old such equipment can't handle perfectly well.

It takes time and quite extensive management to update every computer and still maintain a service, particularly when most users are not that computer savvy. They just expect it to work for their tasks. Upgrades are always a fraught time so are usually left to the 'experts'. There are only so many of them.

The problem is compounded when a particular version of an operating system is no long supported. The possibility is that not only do you have to install a new version which can introduce compatibility problem with other equipment attached to the computer, but the computer itself may not be up to running the new software at all. This means huge disruption and cost installing new machines.

It is dilemma most large organisations face and something the software houses should address by maintaining support for old, but widespread and adequate, operating systems for much longer.

NeuralgicNeurotic

  • Charter Member and Volunteer
  • Super Hero Member
  • ******
  • Posts: 7352
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #10 on: May 13, 2017, 01:24:10 PM »
Quote
The problem is compounded when a particular version of an operating system is no long supported. The possibility is that not only do you have to install a new version which can introduce compatibility problem with other equipment attached to the computer, but the computer itself may not be up to running the new software at all. This means huge disruption and cost installing new machines.

It is dilemma most large organisations face and something the software houses should address by maintaining support for old, but widespread and adequate, operating systems for much longer.


Microsoft continues to offer paid support for XP to a number of large companies and organisations. The Government had the option to purchase this continued support 2 years ago. They didn't take it:

https://www.theguardian.com/society/2017/may/13/jeremy-hunt-ignored-warning-signs-before-cyber-attack-hit-nhs


Quote
The Guardian reported two years ago that the government had decided not to extend its £5.5m deal with Microsoft to provide support for Windows XP, leaving computers that still run on the obsolete operating system at risk from hackers.

“NHS trusts have been running thousands of outdated and unsupported Windows XP machines despite the government ending its annual £5.5m deal with Microsoft, which provided ongoing security support for Windows XP, in May 2015,” Ashworth wrote.

“It effectively means that unless individual trusts were willing to pay Microsoft for an extended support deal, since May 2015 their operating systems have been extremely vulnerable to being hacked,” he added.

A freedom of information request in February found a total of 79 English trusts have suffered ransomware attacks since June 2015, he said.


So, this situation is a direct result of government cuts. They didn't need to migrate to a new system, just pay to patch the existing one.

NeuralgicNeurotic

  • Charter Member and Volunteer
  • Super Hero Member
  • ******
  • Posts: 7352
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #11 on: May 13, 2017, 01:30:23 PM »
If anyone's repeat prescription is affected by this incident, you can 'borrow' a supply of regular meds from your usual pharmacy. This will be 'repaid' when the precription appears. If you are somewhere you cannot access your regular pharmacy, some chemists will allow you to puchase a days supply of certain precription meds over the counter (had to do this once during one of our interminable marching season disputes. Got trapped in a part of town that was effectively sealed off, and couldn't get home to collect my meds.)

oldtone27

  • Charter Member
  • Hero Member
  • *****
  • Posts: 2601
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #12 on: May 13, 2017, 04:00:37 PM »
Thank you NN, I wasn't aware of that option to extend XP support. I wonder the cost per computer is at £5.5m?

Sounds extremely profitable for Microsoft. I'm not convinced they are not still ripping us off.

NeuralgicNeurotic

  • Charter Member and Volunteer
  • Super Hero Member
  • ******
  • Posts: 7352
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #13 on: May 13, 2017, 04:44:29 PM »
Quote
I wonder the cost per computer is at £5.5m?

 >lol<

Sunny Clouds

  • Charter Member
  • Hero Member
  • *****
  • Posts: 4066
Re: NHS England hit by 'cyber-attack' (Serious and ongoing situation.)
« Reply #14 on: May 15, 2017, 11:19:54 PM »
On Saturday teatime, I was knocked off my feet, and as I lay there in the amblance, trussed up like a chicken for roasting, I suddenly wondered whether they'd have to take me far to find a hospital that hadn't fallen foul of the cyber attack.  Fortunately they didn't, and although there was the inevitable wait in the corridor for the scans, and a further wait for all the rolling and prodding, as I left the hospital on Sunday morning, resplendant in my hospital jim-jams, urine-sodden clothes in a polythene bag, I thanked my lucky stars that not only has the government not yet completely destroyed the NHS (I think it will take another 5-10 years to render it past recovery) but that the cyber criminals hadn't managed to shut down more than a small proportion of the computerised scanning equipment.

Incidentally, I have no more than bruising, sore muscles etc.  plus heightened anxiety over going out.  You'll be amazed to know that Monday brought no falls.