WANNACRY ATTACK: NHS, major organisations left reeling by co-ordinated hack

 

Winnipeg – VIJAY SHAH via Winnipeg Free Press and ReportCA.net

Several of the United Kingdom’s National Health Service trusts, as well as numerous large companies across the globe are still recovering from a large-scale ‘unprecedented’ ransomware cyber attack which occurred this weekend, ReportCA.net wrote yesterday.

The ‘cyberextortion’ attack, which involved hackers accessing computers via phishing emails, and locking systems and encrypting company data, also affected numerous firms engaged in the manufacturing, finance and transport sectors. Government agencies were also caught up in the debacle. Technicians at the NHS, which offers subsidised healthcare in the U.K., scrambled to limit the spread of the ransomware, which caused problems with accessing patient data and hospital appointments, among other things. Many companies ordered their employees to disconnect their workstations from the Internet and to avoid opening emails from unfamiliar sources.

Such was the scale of this weekend’s mass attack, Microsoft was moved into changing its cybersecurity policy, making free of charge updates and patches for computers running older packages such as Windows XP, which many small and medium enterprises still rely on, due to the expense of system upgrades or lack of technical knowledge and ICT skills.

 

 

 

Apart from the NHS, Spain’s Telefonica and Iberdrola also reported computers being targeted. The German national railway Deutsche Ban was another victim. ReportCA.net published a photo taken by an eyewitness at Chemnitz rail station, showing a display board for train times. The screen was partly obscured by a red and white pop-up with a padlock logo, a sight reported by other victims of the attack. The hackers locked out users and demanded payment in bitcoin currency to release encrypted data. Other victims included the Russian Interior Ministry, the country’s mobile phone operators MTS and MegaFon, French car maker Renault, and football clubs in Europe. One long-established club, IF Odd, said Saturday that its online ticketing service was crippled by the ransomware.

The British home secretary Amber Rudd said that one in five of her country’s 248 NHS trusts, which manage hospitals and patient services above general practitioner level, had been hit. Thousands of patient appointments and operations, including for serious conditions, were cancelled, as medical staff were frozen out of their databases and systems. According to Rudd, 48 trusts were affected, but quick reaction times by their ICT departments meant that as of yesterday, only six were still reporting issues. The National Cyber Security Centre also stepped in to mitigate the impact of the attack.

Cybersecurity officials urged both individuals and companies to ensure they regularly update their anti-virus and security systems, enact security updates if they are Windows users and to back-up data on a separate server or in the cloud.

The source of the attack is as yet unknown, although Russian and Chinese hackers have targeted companies and governmental agencies in the West in past years. Two cybersecurity firms, Avast and Kaspersky Lab, have said that the ransomware attacked PCs in 70 countries, with Russia the most affected. There have been reports that the hackers used the WannaCry ransomware program, said to have been based on spying technology utilised by America’s NSA (National Security Agency). More than 36,000 infections were detected by yesterday. It is reported that the hackers behind ‘WannaCry’ stole the hacking tools from the NSA, which created the tool to exploit a loophole in Microsoft’s Windows operating system.

Ori Eisen, founder of Trusona cybersecurity firm in Scottsdale, Arizona, USA, warned that the WannaCry attack is just the beginning and another more advanced attack could have serious and potentially lethal implications. Speaking with the Associated Press news agency, Eisen said: This is child”s play, what happened. This is not the serious stuff yet. What if the same thing happened to 10 nuclear power plants, and they would shut down all the electricity to the grid? What if the same exact thing happened to a water dam or to a bridge?” he asked.

“Today, it happened to 10,000 computers,” Eisen said. “There”s no barrier to do it tomorrow to 100 million computers.”

Intranational policing agency Europol described the attack as at “an unprecedented level and will require a complex international investigation to identify the culprits.”

The onslaught of WannaCry was successfully halted after a 22-year-old British cybersecurity researcher, known only by his or her tag ‘MalwareTech’ accidently stumbled across a ‘kill switch’ that disabled the ransomware. By entering a nonsensical domain name, MalwareTech was able to stop the malware spreading further. He or she purchased the domain name for around £9, yet this quick thinking decision saved companies millions in potential damage control. The kill switch only worked for those not affected however, and many organisations who were already hit were forced to pay the ransom demand or call up emergency data stocks.

SOURCES:

HEM Newsbreakers, HEM News Agency, Twitter, Twitter Inc. https://twitter.com/halfeatenmind/lists/hem-newsbreakers

Report 24 Canada, Twitter, Twitter Inc. https://twitter.com/Report24CA

“Unprecedented global “ransomware” attack seeks cash for data” – Winnipeg Free Press via ReportCA.net (13 May 2017) https://reportca.net/2017/05/unprecedented-global-ransomware-attack-seeks-cash-for-data/

IMAGE CREDIT:

“File:Wana Decrypt0r screenshot.png” – WannaCry via SecureList, Wikimedia Commons (12 May 2017) https://commons.wikimedia.org/wiki/File:Wana_Decrypt0r_screenshot.png

 

Advertisements

EHI LIVE 2015: Data Standards and Governance Conference

As part of the its conference series being held at the NEC arena in Birmingham this November, e-health events organisation EHI is showcasing a special meeting on the subjects of data standards and governance in the British National Health Service, the company reported recently.

The Data Standards and Governance Conference, which is being scheduled for the 3rd November 2015 at Birmingham’s NEC Hall 1, will examine the issues of developing guidelines and standards for information exchange within the NHS and other health providers. The NHS holds millions of patient records, research information, study results and other significant quantities of medical data on different websites, databases and cloud services, and there are both legal and corporate protocols to be adhered to in ensuring the safety and integrity of that data.

As the NHS aims to become more environmentally friendly and carbon neutral, there is an increasing trend towards making the health service’s data more paperless. Alongside that, there is a greater emphasis on interoperability between the 15 NHS trusts, 3 foundation trusts, 16 social enterprises and over 8,000 GP practices that compose the NHS, according to figures from the NHS Confederation. The conference aims to address these issues in order for healthcare providers to adopt clear  and governance initiatives to enable the safe, efficient exchange of patient data.

The conference will help attendees explore the challenges in developing standards for information exchange in the NHS as well as a look at the steps being taken to build patient trust for a patient centric health service. This is even more essential as the NHS experiences wave after wave of government cutbacks and internal reorganisation.

(c) US FDA/Wikimedia Commons

Likely conference topics will include the building of trust, patient and staff confidence through the system of information governance; creation of a patient-friendly data strategy, and the utilisation of open-source software in data governance to help reduce computing costs.

The event, which will last from 10:00 am to 4:15 pm on the first day of the EHI 2015 stream of conferences, will begin with a case study on the future of electronic patient information. This will be followed by topics on the ‘Code for Health’, working with Care.data pathfinder CCGs and the economics of open-source programs, along with a special presentation by key NHS ICT supplier Microsoft.

Guest expert speakers will include Malcolm Senior (director of informatics, Taunton and Somerset NHS Foundation Trust), Shane Tickell (chief executive officer, IMS Maxims in Milton Keynes), Peter Coates (open source program head, NHS England) and Eve Roodhouse (programme director for Care.data, HSCIC) among others.

The Data Standards and Governance conference is one of several specialised events to be taking place at EHI 2015. Other planned events include the CCIO Annual Conference, the Health CIO Annual Conference and the HANDI Health Apps Conference, along with many other events focussing on diverse NHS technology discussions around 3D printing, big data and genomic medicine, health and social care, imaging informatics, NHS social media, cloud software and digital primary care services.

DISCLAIMER: The writer is an employee of Informa plc. which is the holding company of EHI Health, the organisers of the EHI 2015 conferences.
SOURCES:
Informa Accounts, The Half-Eaten Mind, Twitter, Twitter Inc. https://twitter.com/halfeatenmind/lists/informa-accounts
Life Sciences Events, Informa Life Sciences, Informa plc., Twitter, Twitter Inc. https://twitter.com/ls_informa
“DATA STANDARDS AND GOVERNANCE” – EHI Live 2015, Informa Life Sciences Exhibitions/Informa PLC http://www.ehilive.co.uk/conference-streams/conferences/data-standards-and-governance/
IMAGE CREDIT:
CC Search, Creative Commons http://search.creativecommons.org/
“File:Desktop Computer – The Future for Medicine (FDA 095) (8249708093).jpg” – The U.S. Food and Drug Administration, Wikimedia Commons (6 December 2012) https://commons.wikimedia.org/wiki/File:Desktop_Computer_-_The_Future_for_Medicine_(FDA_095)_(8249708093).jpg

EHI AWARDS 2015: Special event for healthcare IT professionals in London

EHealth Media, a division of the conferences and training brand Informa, is hosting a special event for national specialists in healthcare ICT this October.

The EHI Awards is a flagship awards event within the healthcare IT calendar. This unique and well-subscribed event will bring together more than 700 information technology and clinical professionals from the National Health Service (NHS) along with suppliers of health ICT engaging their customers for a night of celebration, fun and networking.

The evening will be a celebration of the important work that people in IT and informatics help contribute to the running of British healthcare services and the vital role they maintain in enabling services and adding benefit to the NHS in particular. As the 21st century progresses, ICT and technology in general is playing an increasingly essential role to the day-to-day running of NHS front-line and administration services.

English: East Midlands Ambulance Service NHS Trust
English: East Midlands Ambulance Service NHS Trust (Photo credit: Wikipedia)

The awards will be hosted at a glamorous ballroom at the Park Plaza Westminster Bridge hotel, in the centre of London on the 1st October, 2015. There will be live entertainment from a big name comedian, plus a pre-dinner drinks reception on arrival, a three course dinner, a half a bottle of wine per person, mineral water, coffee, petit fours and late evening entertainment. Attendees can reach the Park Plaza very easily from Waterloo Station and Underground, a five-minute walk away, plus easy access to local buses and taxicabs. There will also be a dinner and music as part of the entertainment.

The categories under which awards will be handed over by a celebrity host are:

Interested parties should send in their entries by Friday 15 May at 4:00 pm at the latest. The event organiser also asks that potential awards nominees attend a judging day on Wednesday 15 July 2015 at the King Power Stadium, Leicester, in order to present to the awards judges there. The event nominations are open to any healthcare IT organisation of any size based in the UK. Entry to the competition is free but tickets for the night are to be paid for.

The EHI Awards 2015 are being organised by EHealth Media in conjunction with Informa Life Sciences, a fellow division of Informa plc engaged in the provision of events and training for experts in the fields of pharmaceutics, biomedicine, and other scientific industries. Category sponsors include Dell, CGI, Lexmark Healthcare, Intersystems, IMS Maxims and General Dynamics Health Solutions.

(c) V. Shah/M. Kampf/MyFunStudio

 

Celebrating our 400th post on the Half-Eaten Mind.

DISCLAIMER: The writer is an employee of Informa plc.
SOURCES:
Informa Accounts, The Half-Eaten Mind, Twitter, Twitter Inc. https://twitter.com/halfeatenmind/lists/informa-accounts
Life Sciences Events, Twitter, Twitter Inc. https://twitter.com/ls_informa
“Awards ceremony” – EHI Awards 2015, EHealth Media/Informa PLC http://www.ehealthawards.com/awards-night
“Categories” – EHI Awards 2015, EHealth Media/Informa PLC http://www.ehealthawards.com/view-categories
“FAQs” – EHI Awards 2015, EHealth Media/Informa PLC http://www.ehealthawards.com/faqs
“Sponsorship opportunities” – EHI Awards 2015, EHealth Media/Informa PLC http://www.ehealthawards.com/sponsor
IMAGE CREDITS:
“File:East Midlands Ambulance Service NHS Trust.jpg” – East Midlands Ambulance Service NHS Trust, Wikimedia Commons (26 May 2009) https://commons.wikimedia.org/wiki/File:East_Midlands_Ambulance_Service_NHS_Trust.jpg
“Fireworks graphics” – Picgifs.com http://www.picgifs.com/graphics/fireworks/graphics-fireworks-733533-761515/