UK's N.H.S. hospitals slammed by massive cyberattack
May 12, 2017
by Thomas Dworetzky, Contributing Reporter
The UK's N.H.S. seems to be one of the hardest hit by a global wave of cyber attacks Friday.
Russian cybersecurity firm Kaspersky Lab reported that machines in up to 74 countries were slammed, according to the New York Times.
While the numbers are fast moving, a recent report from the Daily Mail, stated that as many as 57,000 have now been victimized, and it is thought that the virus is “spreading at a rate of five million emails per hour.”
The spreading ransomware demands “$300 dollars” to unlock a user's machine and can't be gotten around to date.
As many as 36 hospitals, doctors’ offices and ambulance companies throughout the U.K. have been impacted, according to the Times.
Jeremy Hunt, the British health secretary, and Prime Minister Theresa May’s office are watching the situation, the paper reported.
May said in a television report, “we’re not aware of any evidence that patient data has been compromised.”
This echoes an earlier report by the N.H.S. that also stated, “the investigation is at an early stage but we believe the malware variant is Wanna Decryptor.”
Besides the N.H.S., attacks have occurred in Spain, Russia, Japan, the Philippines, Turkey and Vietnam.
At the moment Russia, said the Mail, is the worst-hit country, with ransomware having infected not only companies but its Interior Ministry.
“The attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows,” Kaspersky Lab detailed. “This exploit [codenamed “EternalBlue”] has been made available on the internet through the Shadowbrokers dump on April 14th, 2017 and patched by Microsoft on March 14.”
The remote execution tool used to “ransom” the systems was part of the cache of hacking tools stolen from the N.S.A. and appearing online since 2016.
The N.H.S. appears to have been particularly vulnerable to the hacking because of its widespread use of the now-unsupported and vulnerable Microsoft Windows XP operating system.
This became public in September, 2016, when U.S. software firm Citrix used a Freedom of Information request to get information on 63 N.H.S. Trusts. In 42 responses, 24 stated that they were “not sure” about upgrading away from the system, according to the Inquirer.
Also in September, 2016, Vice Motherboard used FOI requests, as well. It sent them to over 70 N.H.S hospital trusts and found that at least 42 National Health Service trusts in England are still using the Windows XP operating system, with many of them confirming that they no longer receive security updates for the software. Legal experts say that the N.H.S. hospitals may be in breach of data protection regulations.
"If hospitals are knowingly using insecure XP machines and devices to hold and otherwise process patient data they may well be in serious contravention of their obligations," Jon Baines, Chair of the National Association of Data Protection and Freedom of Information Officers (NADPO),” stated by e-mail to the site.
If the Microsoft patch has not been installed, it should be immediately, Kaspersky Lab advised.
In February, experts warned that as bad as ransomware attacks were in 2016, health care IT professionals had better brace themselves for worse in 2017.
"The threat from ransomware is not only growing, but evolving to allow hackers to target vulnerable organizations and their most valuable data files, and adjust ransom demands accordingly,” Katherine Keefe, global head of Beazley BBR Services, said, adding that “the sustained increase in these threats in 2016 indicates that even more organizations will be attacked in 2017, and need to have incident response plans in place before they get a ransomware demand.”
One of the highest-profile hospital ransomware events took place in February, 2016. Hollywood Presbyterian Medical Center in Los Angeles fell prey to an attack, ultimately paying a $17,000 ransom to reclaim its computer network.
Russian cybersecurity firm Kaspersky Lab reported that machines in up to 74 countries were slammed, according to the New York Times.
While the numbers are fast moving, a recent report from the Daily Mail, stated that as many as 57,000 have now been victimized, and it is thought that the virus is “spreading at a rate of five million emails per hour.”
The spreading ransomware demands “$300 dollars” to unlock a user's machine and can't be gotten around to date.
As many as 36 hospitals, doctors’ offices and ambulance companies throughout the U.K. have been impacted, according to the Times.
Jeremy Hunt, the British health secretary, and Prime Minister Theresa May’s office are watching the situation, the paper reported.
May said in a television report, “we’re not aware of any evidence that patient data has been compromised.”
This echoes an earlier report by the N.H.S. that also stated, “the investigation is at an early stage but we believe the malware variant is Wanna Decryptor.”
Besides the N.H.S., attacks have occurred in Spain, Russia, Japan, the Philippines, Turkey and Vietnam.
At the moment Russia, said the Mail, is the worst-hit country, with ransomware having infected not only companies but its Interior Ministry.
“The attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows,” Kaspersky Lab detailed. “This exploit [codenamed “EternalBlue”] has been made available on the internet through the Shadowbrokers dump on April 14th, 2017 and patched by Microsoft on March 14.”
The remote execution tool used to “ransom” the systems was part of the cache of hacking tools stolen from the N.S.A. and appearing online since 2016.
The N.H.S. appears to have been particularly vulnerable to the hacking because of its widespread use of the now-unsupported and vulnerable Microsoft Windows XP operating system.
This became public in September, 2016, when U.S. software firm Citrix used a Freedom of Information request to get information on 63 N.H.S. Trusts. In 42 responses, 24 stated that they were “not sure” about upgrading away from the system, according to the Inquirer.
Also in September, 2016, Vice Motherboard used FOI requests, as well. It sent them to over 70 N.H.S hospital trusts and found that at least 42 National Health Service trusts in England are still using the Windows XP operating system, with many of them confirming that they no longer receive security updates for the software. Legal experts say that the N.H.S. hospitals may be in breach of data protection regulations.
"If hospitals are knowingly using insecure XP machines and devices to hold and otherwise process patient data they may well be in serious contravention of their obligations," Jon Baines, Chair of the National Association of Data Protection and Freedom of Information Officers (NADPO),” stated by e-mail to the site.
If the Microsoft patch has not been installed, it should be immediately, Kaspersky Lab advised.
In February, experts warned that as bad as ransomware attacks were in 2016, health care IT professionals had better brace themselves for worse in 2017.
"The threat from ransomware is not only growing, but evolving to allow hackers to target vulnerable organizations and their most valuable data files, and adjust ransom demands accordingly,” Katherine Keefe, global head of Beazley BBR Services, said, adding that “the sustained increase in these threats in 2016 indicates that even more organizations will be attacked in 2017, and need to have incident response plans in place before they get a ransomware demand.”
One of the highest-profile hospital ransomware events took place in February, 2016. Hollywood Presbyterian Medical Center in Los Angeles fell prey to an attack, ultimately paying a $17,000 ransom to reclaim its computer network.