[unable to retrieve full-text content]
• This is not targeted at the NHS, it’s an international attack, says Theresa May
• NHS England declares major incident after ransomware blocks access to patient records, internal phones and emails
More than half of Scotland’s health boards have been affected by a large-scale cyber attack on NHS computer systems. GP surgeries and dental surgeries were among some of the locations hit by the ransomware attack on IT networks, the Press Association reports.
NHS Lanarkshire said only those patients requiring emergency treatment should attend hospital while they dealt with the issue on Friday.
The Agence France-Presse news agency reports that, in Spain, employees at the telecom giant Telefónica were told to shut down their workstations immediately through megaphone announcements as the attack spread.
Forcepoint Security Labs said that “a major malicious email campaign” consisting of nearly 5m emails per hour was spreading the ransomware.
Some more quotes from the prime minister. She has told reporters:
I think what is important is that we have recognised that increasingly we need to be aware of the need to address cyber security issues, that’s why the National Cyber Security Centre has been set up. It is now able to work with the NHS to support the organisations concerned and to ensure that patient safety is protected.
After the prime minister said she was “not aware of any evidence that patient data has been compromised”, Ross Anderson, a professor of security engineering at Cambridge university, advises caution.
The NHS are saying that patient privacy hasn’t been compromised, but if significant numbers of hospitals have been negligently running unpatched computers for two months after the patch came out, how do they know?
Some more on that statement from the prime minister, Theresa May, who says:
We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack.
This is not targeted at the NHS, it’s an international attack and a number of countries and organisations have been affected.
There are reports around that as many as 40 NHS organisations have been hit by the cyber-attack. NHS Digital says it is not going to confirm the number until tomorrow.
The cyber-attack that has hit the NHS is part of a wider international attack, the prime minister Theresa May has confirmed.
She said there is no evidence that patient data had been compromised.
One expert who has worked closely with law enforcement says this would be seen as an attack on critical national infrastructure. He says investigators will be examining systems affected by the ransomware to see how badly they are affected and whether they, in turn, can or already have infected other computer systems connected to them.
He adds that the fear is that the ransonware cannot be broken and thus data and files infected are either lost or that the only way to get them back would be to pay the ransom, which would involve giving money to criminals.
One question arising from the attack on a sector of critical national infrastructure is whether the government has a policy on paying ransom to cyber hackers.
British government policy in the case of a terrorist attack or of the taking of a person hostage is clear: ransom will not be paid. But it is not clear if a policy exists for the 21st-century cyber equivalent. The lead agency dealing with the attack on the NHS is the National Cyber Security Centre, an arm of GCHQ.
The New York Times is reporting that 12 countries, including the UK, have been affected.
It reports that the attack struck “computers across a wide swath of Europe and Asia”, saying that Japan, Russia, Turkey, Vietnam and the Philippines are among those affected.
Prof Alan Woodward, a security expert from the University of Surrey, says the attackers appear to have taken advantage of a chink in the armour of Microsoft XP that was exposed in a recent leak of CIA hacking tools.
He says the problem may have been exacerbated because organisations have not updated their software with the fixes made available, or are using outdated versions.
From what we can see, it is a piece of ransomware called wanna decryptor. It goes by other names but it emerged in February 2017. Since then, it has been modified and there is evidence that it is spreading using a flaw in the Microsoft network protocol called SMB, which was exposed in the recent dump of exploits that were allegedly from US intelligence agencies.
It is not just the NHS affected: reports suggest it is a global problem. The virulence is likely to be because some organisations have either not applied the patch released by Microsoft, or they are using outdated operating systems (such as XP) that are no longer supported by Microsoft and hence no patch exists.
NHS England have released an updated statement. Dr Anne Rainsberry, the NHS incident director, said:
We’d like to reassure patients that if they need the NHS and it’s an emergency that they should visit A&E or access emergency services in the same way as they normally would and staff will ensure they get the care they need.
More widely, we ask people to use the NHS wisely while we deal with this major incident, which is still ongoing. NHS Digital are investigating the incident and across the NHS we have tried and tested contingency plans to ensure we are able to keep the NHS open for business.
Here’s a little background from my colleagues Damien Gayle, Alexandra Topping and Sarah Marsh. They report the situation as it stood at about 5pm today:
Hospitals across England have been hit by a large-scale cyber-attack, the NHS has confirmed, which has locked staff out of their computers and forced many trusts to divert emergency patients.
The IT systems of NHS sites across the country appear to have been simultaneously hit, with a pop-up message demanding a ransom in exchange for access to the PCs. NHS England has declared a major incident. NHS Digital said it was aware of the problem and would release more details soon.
The NHS has declared a major incident after it was hit by a cyber attack that is thought to have affected services across England and Scotland. Staff have been locked out of their computers and many trusts have been forced to divert emergency patients.
We’ll be updating you here as this story develops.
Continue reading…
Global cyber-attack: NHS services among victims – live updates
Hiç yorum yok:
Yorum Gönder