New
#10
As I understand it the patch was only released by NHS Digital to the NHS trusts at the end of April so it looks like NHS Digital sat on it for six weeks.
As I understand it the patch was only released by NHS Digital to the NHS trusts at the end of April so it looks like NHS Digital sat on it for six weeks.
I doubt the Imaging technology systems were connected to the Internet as such - just to the network which of course runs the vulnerable SMB protocols - in order to distribute data and images to staff who need results for their medical and surgical procedures etc. Once disconnected from networks, the machines could not distribute the images, thus could not be accessed.
Not talking about 2-D imaging like X-Rays, but whole body scans and 3-D tomographs here. The software to navigate these compound images probably runs within the instrumentation suites, not on the client PCs around the hospitals.
I posted a letter from last week's British Medical Journal here:
Prophetic BMJ letter - did this make NHS target for Ransomware attack? - Windows 10 Forums
that indicates that ransomware had already claimed hits on at least 2 NHS hospitals this year, including BARTS, in January, which was badly hit last Friday. The letter exaggerates the use of XP - it's use in 90% of NHS hospitals does not mean that 90% of hospital PCs run XP - apparently less than 5% of PCs in use do.
The proportion of Windows 7 PCs is probably similar to the general distribution of Windows versions - about 50%, and in 48 hospitals and trusts these were vulnerable on Friday.
If NHS Digital had the patch 6 weeks before distributing it, and then the hospitals and trusts sat on it for a further couple of weeks, knowing that they were at risk, that's what I find incredible.
So as I understand it, the ransomware is transmitted via email. Eh?
So, what kind of a boob would have a system doing Point of Sale work, or storing critical medical records that is left open to the internet, and receiving email, of all things?
If any company wants their people to have email access, then they should have a separate system just for that purpose. And, even that system should be backed up repeatedly, so in case of a HD crash or virus infection, the system can be purged and restored to a previous time when it was clean.
I've worked on many LARGE computer systems, that were backed up every night. And multiple backups were stored in a fireproof vault, for up to a month. And every one of those systems was closed to the internet.
I was somewhat surprised just a while back when the VA upgraded their OS from Windows XP to Windows 7, even though 8.1 was already out and ten was on its way.
It's like when the computer on the Hubble Telescope was upgraded from a 386 cpu to a 486 cpu. Talk about being behind the times!
Y'all have a great day now, and safe computing.
All of this makes me pine for XP.
If only I had an x64 copy of XP. I could load it onto the desktop that I just retired. It's an x64 with 8 GB RAM, so I'd need x64 XP to take full advantage.
It was running Win 7, and it's way high spec for XP. I'll bet it would run XP like blazes.
The problem is, that if those vulnerable systems are on the same network, they can be infected without anyone having run the exploit on them.
For instance, a user with a fully patched version of Windows 10 might open the attachment, and then it would spread to vulnerable machines simply by connecting to the file sharing port on those computers and executing specially crafted code.
Having said that, even the users machine, fully patched can still have their files encrypted by executing an attachment. If you can read and change the files as a normal user, anything you run as that user can also do that.
Actually though, it appears the worm never even functioned on XP.
Over 98% of All WannaCry Victims Were Using Windows 7