WANNACRY ATTACK: NHS, major organisations left reeling by co-ordinated hack

 

Winnipeg – VIJAY SHAH via Winnipeg Free Press and ReportCA.net

Several of the United Kingdom’s National Health Service trusts, as well as numerous large companies across the globe are still recovering from a large-scale ‘unprecedented’ ransomware cyber attack which occurred this weekend, ReportCA.net wrote yesterday.

The ‘cyberextortion’ attack, which involved hackers accessing computers via phishing emails, and locking systems and encrypting company data, also affected numerous firms engaged in the manufacturing, finance and transport sectors. Government agencies were also caught up in the debacle. Technicians at the NHS, which offers subsidised healthcare in the U.K., scrambled to limit the spread of the ransomware, which caused problems with accessing patient data and hospital appointments, among other things. Many companies ordered their employees to disconnect their workstations from the Internet and to avoid opening emails from unfamiliar sources.

Such was the scale of this weekend’s mass attack, Microsoft was moved into changing its cybersecurity policy, making free of charge updates and patches for computers running older packages such as Windows XP, which many small and medium enterprises still rely on, due to the expense of system upgrades or lack of technical knowledge and ICT skills.

 

 

 

Apart from the NHS, Spain’s Telefonica and Iberdrola also reported computers being targeted. The German national railway Deutsche Ban was another victim. ReportCA.net published a photo taken by an eyewitness at Chemnitz rail station, showing a display board for train times. The screen was partly obscured by a red and white pop-up with a padlock logo, a sight reported by other victims of the attack. The hackers locked out users and demanded payment in bitcoin currency to release encrypted data. Other victims included the Russian Interior Ministry, the country’s mobile phone operators MTS and MegaFon, French car maker Renault, and football clubs in Europe. One long-established club, IF Odd, said Saturday that its online ticketing service was crippled by the ransomware.

The British home secretary Amber Rudd said that one in five of her country’s 248 NHS trusts, which manage hospitals and patient services above general practitioner level, had been hit. Thousands of patient appointments and operations, including for serious conditions, were cancelled, as medical staff were frozen out of their databases and systems. According to Rudd, 48 trusts were affected, but quick reaction times by their ICT departments meant that as of yesterday, only six were still reporting issues. The National Cyber Security Centre also stepped in to mitigate the impact of the attack.

Cybersecurity officials urged both individuals and companies to ensure they regularly update their anti-virus and security systems, enact security updates if they are Windows users and to back-up data on a separate server or in the cloud.

The source of the attack is as yet unknown, although Russian and Chinese hackers have targeted companies and governmental agencies in the West in past years. Two cybersecurity firms, Avast and Kaspersky Lab, have said that the ransomware attacked PCs in 70 countries, with Russia the most affected. There have been reports that the hackers used the WannaCry ransomware program, said to have been based on spying technology utilised by America’s NSA (National Security Agency). More than 36,000 infections were detected by yesterday. It is reported that the hackers behind ‘WannaCry’ stole the hacking tools from the NSA, which created the tool to exploit a loophole in Microsoft’s Windows operating system.

Ori Eisen, founder of Trusona cybersecurity firm in Scottsdale, Arizona, USA, warned that the WannaCry attack is just the beginning and another more advanced attack could have serious and potentially lethal implications. Speaking with the Associated Press news agency, Eisen said: This is child”s play, what happened. This is not the serious stuff yet. What if the same thing happened to 10 nuclear power plants, and they would shut down all the electricity to the grid? What if the same exact thing happened to a water dam or to a bridge?” he asked.

“Today, it happened to 10,000 computers,” Eisen said. “There”s no barrier to do it tomorrow to 100 million computers.”

Intranational policing agency Europol described the attack as at “an unprecedented level and will require a complex international investigation to identify the culprits.”

The onslaught of WannaCry was successfully halted after a 22-year-old British cybersecurity researcher, known only by his or her tag ‘MalwareTech’ accidently stumbled across a ‘kill switch’ that disabled the ransomware. By entering a nonsensical domain name, MalwareTech was able to stop the malware spreading further. He or she purchased the domain name for around £9, yet this quick thinking decision saved companies millions in potential damage control. The kill switch only worked for those not affected however, and many organisations who were already hit were forced to pay the ransom demand or call up emergency data stocks.

SOURCES:

HEM Newsbreakers, HEM News Agency, Twitter, Twitter Inc. https://twitter.com/halfeatenmind/lists/hem-newsbreakers

Report 24 Canada, Twitter, Twitter Inc. https://twitter.com/Report24CA

“Unprecedented global “ransomware” attack seeks cash for data” – Winnipeg Free Press via ReportCA.net (13 May 2017) https://reportca.net/2017/05/unprecedented-global-ransomware-attack-seeks-cash-for-data/

IMAGE CREDIT:

“File:Wana Decrypt0r screenshot.png” – WannaCry via SecureList, Wikimedia Commons (12 May 2017) https://commons.wikimedia.org/wiki/File:Wana_Decrypt0r_screenshot.png

 

FRANCE ELECTIONS: Last runoff between Macron and Le Pen begins, hackers cause havoc

Paris – VIJAY SHAH via JON HENLEY and The Guardian

The last stage of the French presidential elections has begun in earnest, with the European country’s voters choosing between centre-leaning former economist Emmanuel Macron and leader of the far-right nationalist party Front National, Marine Le Pen, Britain’s Guardian newspaper reports.

Akin to the recent U.S. presidential elections where Russian hackers were accused of interfering with the system to guarantee a win for current president Donald Trump, the French voting rally has been marred by recent reports of a ‘massive online dump’ of campaign data by unknown parties and attributed to Macron’s new political movement.

 

 

Ten of thousands of stolen emails and documents, some claimed to be fake, were put in the public domain. Fearful of the likely impact on the outcome of the election, the French government has made it a criminal offence for the data to be published. The Senate also declared an electioneering blackout lasting until the close of polls today at 8 pm local time.

Macron’s election team, the En Marche! movement, condemned the hack, saying that it was clearly an attempt at democratic destabilisation, like that seen during the last presidential campaign in the US,”

The bitter and divisive at times runoffs are a litmus test for the future direction of politics not only in France, but also in Europe, particularly as politics in the developed world increasingly swings towards the far-right. Far-right candidates were recently just about kept out of the presidential palace in Austria, and are increasingly grabbing a greater share of the vote in the U.K. and Netherlands. The two forerunners in the French elections are also polar opposites. The Guardian writes: Macron, a 39-year-old former banker and economy minister running as an independent centrist, is economically liberal, socially progressive, globally minded and upbeat. Le Pen is a nation-first protectionist who wants to close France’s borders and possibly leave the euro and the EU.”

The last polls, published on Friday, suggest that Emmanuel Macron has a lead over Marine Le Pen of around 22-23 percentage points, buoyed in part by a recent controversial televised debate, where Le Pen was said to have spent more time laying into her rival than promoting her party’s policies to the country’s electorate.

“The commission calls on everyone present on internet sites and social networks – primarily the media, but also all citizens – to show responsibility and not pass on this content so as not to distort the sincerity of the ballot,” the national election commission said on Saturday.

Most French media decided not to break the news of the hack, whose origin was not mentioned by the Guardian. France’s leading broadsheet, Le Monde, declared it would not publish any of the 9 gigabytes of leaked data, due to both its volume and the risk of influencing the election’s outcome.

“If these documents contain revelations, Le Monde will of course publish them after having investigated them, respecting our journalistic and ethical rules, and without allowing ourselves to be exploited by the publishing calendar of anonymous actors,” the paper said.

The data was dumped onto popular sharing service Pastebin under a profile named EMLEAKS. The targeted political movement, Macron’s En Marche! (On the March!) were not perturbed by the public release of the data, saying that most of the emails were from day-to-day operations, and that some files were false, put in with the dump to ‘sow doubt and disinformation’.

France’s vote will be run in stages, with residents of the country’s overseas departments and territories being the first to mark their ballot papers. Saint Pierre and Miquelon, a small dependency off the coast of Canada’s Newfoundland island, will be the first to cast their votes. French people in the diaspora will also take priority in voting, before Metropolitan France’s 47 million voters will begin visiting around 70,000 polling stations today.

SOURCES:

Google News https://news.google.co.uk/?ar=1494148359

“French election: voting begins as France decides between Macron and Le Pen” – Jon Henley, The Guardian/Guardian News and Media Limited (7 May 2017) https://www.theguardian.com/world/2017/may/07/voting-begins-in-final-round-of-french-presidential-election

IMAGE CREDIT:

“File:French presidential election P1200051.jpg” – David Monniaux, Wikimedia Commons (14 April 2007) https://commons.wikimedia.org/wiki/File:French_presidential_election_P1200051.jpg

EHI LIVE 2015: Data Standards and Governance Conference

As part of the its conference series being held at the NEC arena in Birmingham this November, e-health events organisation EHI is showcasing a special meeting on the subjects of data standards and governance in the British National Health Service, the company reported recently.

The Data Standards and Governance Conference, which is being scheduled for the 3rd November 2015 at Birmingham’s NEC Hall 1, will examine the issues of developing guidelines and standards for information exchange within the NHS and other health providers. The NHS holds millions of patient records, research information, study results and other significant quantities of medical data on different websites, databases and cloud services, and there are both legal and corporate protocols to be adhered to in ensuring the safety and integrity of that data.

As the NHS aims to become more environmentally friendly and carbon neutral, there is an increasing trend towards making the health service’s data more paperless. Alongside that, there is a greater emphasis on interoperability between the 15 NHS trusts, 3 foundation trusts, 16 social enterprises and over 8,000 GP practices that compose the NHS, according to figures from the NHS Confederation. The conference aims to address these issues in order for healthcare providers to adopt clear  and governance initiatives to enable the safe, efficient exchange of patient data.

The conference will help attendees explore the challenges in developing standards for information exchange in the NHS as well as a look at the steps being taken to build patient trust for a patient centric health service. This is even more essential as the NHS experiences wave after wave of government cutbacks and internal reorganisation.

(c) US FDA/Wikimedia Commons

Likely conference topics will include the building of trust, patient and staff confidence through the system of information governance; creation of a patient-friendly data strategy, and the utilisation of open-source software in data governance to help reduce computing costs.

The event, which will last from 10:00 am to 4:15 pm on the first day of the EHI 2015 stream of conferences, will begin with a case study on the future of electronic patient information. This will be followed by topics on the ‘Code for Health’, working with Care.data pathfinder CCGs and the economics of open-source programs, along with a special presentation by key NHS ICT supplier Microsoft.

Guest expert speakers will include Malcolm Senior (director of informatics, Taunton and Somerset NHS Foundation Trust), Shane Tickell (chief executive officer, IMS Maxims in Milton Keynes), Peter Coates (open source program head, NHS England) and Eve Roodhouse (programme director for Care.data, HSCIC) among others.

The Data Standards and Governance conference is one of several specialised events to be taking place at EHI 2015. Other planned events include the CCIO Annual Conference, the Health CIO Annual Conference and the HANDI Health Apps Conference, along with many other events focussing on diverse NHS technology discussions around 3D printing, big data and genomic medicine, health and social care, imaging informatics, NHS social media, cloud software and digital primary care services.

DISCLAIMER: The writer is an employee of Informa plc. which is the holding company of EHI Health, the organisers of the EHI 2015 conferences.
SOURCES:
Informa Accounts, The Half-Eaten Mind, Twitter, Twitter Inc. https://twitter.com/halfeatenmind/lists/informa-accounts
Life Sciences Events, Informa Life Sciences, Informa plc., Twitter, Twitter Inc. https://twitter.com/ls_informa
“DATA STANDARDS AND GOVERNANCE” – EHI Live 2015, Informa Life Sciences Exhibitions/Informa PLC http://www.ehilive.co.uk/conference-streams/conferences/data-standards-and-governance/
IMAGE CREDIT:
CC Search, Creative Commons http://search.creativecommons.org/
“File:Desktop Computer – The Future for Medicine (FDA 095) (8249708093).jpg” – The U.S. Food and Drug Administration, Wikimedia Commons (6 December 2012) https://commons.wikimedia.org/wiki/File:Desktop_Computer_-_The_Future_for_Medicine_(FDA_095)_(8249708093).jpg