Jeudi, 27 Juillet 2017
Latest news
Main » Dumfries and Galloway NHS hit in cyber attack

Dumfries and Galloway NHS hit in cyber attack

16 Mai 2017

NHS hospitals are still struggling in the fight against a global ransomware attack, with computer systems in several hospitals locked three days after the initial outbreak and previously unaffected hospitals revealed to have fallen to WannaCrypt ransomware.

Microsoft distributed a patch for the software vulnerability two months ago, but not all computer users and networks worldwide had yet made that update, and thus were highly vulnerable.

The Computer Emergency Response Team of India (CERT-In) has issued a red alert about the ransomeware.

Though a British security researcher "MalwareTech" managed to stop the spread of the virus, hackers have issued new versions that cybersecurity organisations are trying to counter.

The investigations into the attack were in the early stages, however, and attribution for cyber attacks is notoriously hard.

Microsoft president and chief legal officer Brad Smith on Sunday criticized the way governments store up information about security flaws in computer systems.

How can you defend yourself?

"GP surgeries are open as usual today and if you have an appointment you should still attend unless contacted by your surgery and told not to". It is not clear why it took so long for NHS Digital to send it, or why so many trusts failed to update their systems once notified. Install and use an up-to-date antivirus solution (such as Microsoft Security Essentials).

And by "important", they're talking about your most commonly used files - including.mp3 audios and.mp4 and.avi videos;.png and.jpg images; and.doc and.txt documents. For the computers which have been affected by the malware, and they do not want to pay the ransom in bitcoins, they simply should delete all the data and start again.

WannaCry encrypts files with the following extensions, appending '.WCRY' to the end of the file name like.lay6, .sqlite3, .sqlitedb, .accdb, .java and.docx among others. "Those who do not will see their systems affected at an increasing rate by different variants of this malware".

You can protect yourself by installing updates, running anti-virus software and using firewalls.

The attack is unique, according to Europol, because it combines ransomware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected. Crucially they called on Hunt to ensure that "no unsupported operating systems, software or internet browsers are used within the IT estate". Jailbreaking, rooting, or disabling any of the default security features of your device will make it more susceptible to malware infections.

Further NCSC guidance for enterprises can be found here, while guidelines for home users and SMEs is available here.

Never click on a URL contained in an unsolicited email, even if the link seems benign.

"Criminals use opportunities like this to further defraud people using phishing and smishing tactics".

The political fallout from the attack escalated over the weekend as both Labour and the Lib Dems blamed the crisis in the health service on the government's failure to upgrade hospital computers.

"This was like a weapon of mass destruction compared to previous ransomware because it was able to spread on its own, very quickly, over a vulnerability that was largely unpatched".

Dumfries and Galloway NHS hit in cyber attack