Vendredi, 14 Août 2020
Dernières nouvelles
Principale » HSE removes all external access to its network following NHS cyber attack

HSE removes all external access to its network following NHS cyber attack

13 Mai 2017

"Seeing a large telco like Telefonica get hit is going to get everybody anxious".

A "ransomware" attack on 16 health organisations in England and Scotland today plunged the NHS into chaos, with similar attacks affected Spanish telecom giant Telefonica and U.S. delivery firm FedEx. Still, the news prompted security teams at large financial services firms and businesses around the world to review their plans for defending against ransomware attacks, according to executives with private cyber security firms. Two security firms - Kaspersky Lab and Avast - said they had identified the malware behind the attack in upward of 70 countries, although both said the attack has hit Russian Federation hardest. We'll note that Kaspersky supports NPR and is a provider of security services for its IT systems.

A National Health Service (NHS) board in front of the Houses of Parliament in London.

Victims of the attack are confronted with a pop-up window that tells them their files are now encrypted and that they need to send $300 via the bitcoin cryptocurrency.

A patch for the vulnerability was released by Microsoft in March, but many systems may not have had the update installed.

This particular vulnerability was publically disclosed by a group calling itself Shadow Brokers, which claimed to have stolen it from the NSA, among a cache of files it took. The tools used to pull off this attack were likely from an NSA toolset leaked by the Shadow Brokers.

"Activity from this ransomware family was nearly inexistent prior to today's sudden explosion when the number of victims skyrocketed in a few hours", Bleeping Computer's Catalin Cimpanu writes.

Alan Woodward, visiting professor of computing at the University of Surrey, said there was evidence the ransomware was spreading using a Microsoft flaw exposed in a recent leak of information from US intelligence agencies.

"This is a major cyber attack, impacting organisations across Europe at a scale I've never seen before", said security architect Kevin Beaumont. When asked to confirm that Wana Decryptor has struck in the US, and at what scale, Acting Deputy Press Secretary Scott McConnell did not provide specifics. DHS has a cadre of cybersecurity professionals that can provide expertise and support to critical infrastructure entities.

Moon to Xi: Let's Talk
Moon has said the decision had been made hastily and his government should have the final say on whether to deploy it. He has been cautious about the recent decision to deploy a controversial USA anti-missile system in South Korea.

Commenting on today's attack, Sen. It's prevented some doctors and hospitals from accessing patient records, delaying and disrupting patient care.

May told a media briefing: "We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack".

Telecommunications company Telefonica was among many targets in Spain, though it said the attack was limited to some computers on an internal network and had not affected clients or services.

The Kent Community Health Trust said it had not been directly affected - but had shut its system down after being alerted to the attack.

NHS Digital, which oversees hospital cybersecurity, says the attack used the Wanna Decryptor variant of malware, which holds affected computers hostage while the attackers demand a ransom. And, we are not aware of any evidence that patient data has been compromised.

The problem erupted around 12:30 p.m. local time, the IT worker says, with a number of email servers crashing.

"Looking at the trends, it was going to happen", he said.

The U.K.'s National Cyber Security Center says it's working with both the digital office of the NHS and law enforcement.