eBay

The local GP practice phoned me around 4:30 and chatting to them, I asked if they'd heard about it. They hadn't so I wonder 1/ how widespread the problem is and 2/ why the local Health Board hadn't alerted all GPs?

The current list of those targeted:-

http://www.liverpoolecho.co.uk/news/liverpool-news/nhs-hacked-full-list-hospitals-13027590

Computers running old (unsupported) systems, People who have not updated their Windows OS, all around the World have been infected

It was not a targeted attack, it just swept around, easy targets

Windows actually warned People about this last month

and even gave out another warning THIS week (I put a thread up about that warning) - that if acted upon would have protected a lot of people, now held to ransom

NHS computer systems are ancient and are run on a shoestring budget, with maintenance taking most of the cash and real Security being an afterthought in most areas

The infection may well have been random - the demand for payment to decrypt files is not.

It would appear that many of the systems attacked by the malware were running XP for which there are no longer updates available.

Major warnings given out on these specific vunerablities

Guess who, at the time,  was in Charge of the Government departments, who should have acted on these warnings

Yip twas Me

Microsoft commented that anyone with a free anti-virus and had kept their system updated would be protected from the attack soooooo, what were the IT "specialists/technicians" doing in leaving systems unprotected?

There are people employed to "maintain" systems so what were they playing at leaving such systems open to attack.

So right there!. They have a lot of serious questions to answer. 

Letter from 2014 shows Government halted funding for XP support in the NHS even though they knew the risk was URGENT:

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/314721/DHandCabinetOfficeM...

Apparently our nuclear subs also run on XP !

---

@cee-dee wrote:

Microsoft commented that anyone with a free anti-virus and had kept their system updated would be protected from the attack soooooo, what were the IT "specialists/technicians" doing in leaving systems unprotected?

 

There are people employed to "maintain" systems so what were they playing at leaving such systems open to attack.

---

The problem is that Microsoft no longer issue security updates, (or any other kind), for XP - most, if not all, of the commercial network security software providers have also stopped issuing updates - there is no point blaming the IT guys who have been the target of the cuts, (counted as management in the NHS), and don't have the resources to upgrade systems to prevent these sorts of attacks.

Microsoft actually issued a fix for the defect in March that would have stopped the attack. It's been admitted that many people didn't apply it.

---

@cee-dee wrote:

Microsoft actually issued a fix for the defect in March that would have stopped the attack. It's been admitted that many people didn't apply it.

---

They didn't issue a fix for XP - nor for Windows 8 or Server 2003 - they have however released a fix for these operating systems today.

https://www.ft.com/content/348d4f7a-3808-11e7-821a-6027b8a20f23

The cuts or "savings" might in fact cost more in the long run,as the cost of fixing the attack,cancelled operarions and updating their systems mounts up,the same happened in the prison service,social care,flood defence "savings" and others cost more in the long run,many costs being passed on to other public services,of course waste should be cut,but cutting in the name of austerity for short term gain doesn't seem to be working when in the long term the costs are greater with more damage to repair

Tories were paying Microsoft £5.5 million to provide security for Windows XP.

This was stopped by cost cutting in May 2015

The Government were warned