Hospitals across England hit by large-scale cyber-attack

322 点作者 porterde大约 8 年前

66 条评论

mvdwoord大约 8 年前

After 20 years in IT, listening to all the bullshit by "Management" about "Audits" and "accepting the risk", "lessons learned" and whatnot.Honestly, I would be glad if a high impact issue like this, would change any of that for the better. I am unfortunately also a cynic (after 20 years in, well anywhere really) so I doubt it will. This means it will only negatively impact people who need the healthcare, and a bunch of consultants will make millions on sweeping up the mess, and creating the next failure-to-be.I'm making popcorn.

评论 #14325211 未加载

评论 #14325625 未加载

评论 #14325123 未加载

评论 #14325200 未加载

评论 #14324981 未加载

评论 #14325806 未加载

评论 #14326477 未加载

评论 #14324902 未加载

评论 #14325339 未加载

评论 #14326332 未加载

评论 #14325407 未加载

评论 #14324929 未加载

kaoD大约 8 年前

According to Spain's CCN-CERT it's spreading through a remote code execution vulnerability in Windows' SMB Server, affecting pretty much all versions of Windows.<a href="https://www.ccn-cert.cni.es/seguridad-al-dia/comunicados-ccn-cert/4464-ataque-masivo-de-ransomware-que-afecta-a-un-elevado-numero-de-organizaciones-espanolas.html" rel="nofollow">https://www.ccn-cert.cni.es/seguridad-al-dia/comunicados-ccn...</a><a href="https://technet.microsoft.com/en-us/library/security/ms17-010.aspx" rel="nofollow">https://technet.microsoft.com/en-us/library/security/ms17-01...</a>IIUC the security updates have been available since March. I can understand bureaucratic entities having shitty security policies, but Telefónica? It's just... wow.

评论 #14324686 未加载

评论 #14325090 未加载

评论 #14325233 未加载

jstanley大约 8 年前

The ransom from the address in the screenshot appears to have been paid: <a href="https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw" rel="nofollow">https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8is...</a>Here's another screenshot, with a different address: <a href="https://img.jes.xxx/1472" rel="nofollow">https://img.jes.xxx/1472</a>Also appears to be paid: <a href="https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn" rel="nofollow">https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNX...</a>

评论 #14325366 未加载

评论 #14325972 未加载

评论 #14325608 未加载

评论 #14325296 未加载

评论 #14325436 未加载

jgrahamc大约 8 年前

Friend of mine who works for the NHS sent me the following email:All of NHS PCs and hospital systems have gone down from a ransomware trojan!I have a full clinic this afternoon, and no way to look at my patients' histories, or meds. It's a damned disgrace.‎The Trojan is demanding some bitcoins be paid, else they'll lose the boxen.The entire NHS is penetrated.I can't vouch for "the entire NHS is penetrated"

评论 #14324582 未加载

评论 #14324545 未加载

评论 #14325032 未加载

评论 #14325520 未加载

评论 #14325250 未加载

factsaresacred大约 8 年前

Seems like non-targeted ransomware - <a href="https://twitter.com/ShaunLintern/status/863032223469056004" rel="nofollow">https://twitter.com/ShaunLintern/status/863032223469056004</a> - based on the modest $300 request.Note: I've zero idea if that screenshot is legit but it's posted on The Health Care Journal website so it likely is.Edit:- Earliest Google result for "WanaDecryptor" is from Aug 2015 (All other search results are from today):> almost all of the files on the D drive is encrypted. C is not touched by the disc. file found is in the ProgramData folder, there is a hidden folder, the virus in it. When you delete a folder that is created again and the process starts again.<a href="http://www.cyberforum.ru/viruses/thread1979411.html" rel="nofollow">http://www.cyberforum.ru/viruses/thread1979411.html</a><a href="http://www.cyberforum.ru/viruses/thread1979358.html" rel="nofollow">http://www.cyberforum.ru/viruses/thread1979358.html</a>- Discussion from today mentioning it infecting Spanish Telecoms: <a href="http://gta-trinity.ru/forum/index.php?/topic/57671-novejshij-virus-na-pk/" rel="nofollow">http://gta-trinity.ru/forum/index.php?/topic/57671-novejshij...</a>.

评论 #14325281 未加载

lol768大约 8 年前

Existing discussion thread: <a href="https://news.ycombinator.com/item?id=14324129" rel="nofollow">https://news.ycombinator.com/item?id=14324129</a>---------Shutting everything down seems like a really rash response, especially when these systems seem to be used for critical communication e.g. the phones too. The Twitter messages seem to suggest that doctors are seeing this on their personal machines, but why would this impact the phone system? Are they not separated out?I'm also really curious as to how this started. The article mentions a "bug" in the IT systems - some sort of novel zero day in the software they're using that was exploited remotely? Or is it more likely someone screwed up and ran something without thinking?There are reports on twitter that this is impacting X-rays, pagers as well as the phone system. This is ridiculous if true and suggests there have been some major failings when putting this infrastructure in place. Perhaps underinvestment in IT is to blame.

评论 #14324442 未加载

评论 #14324505 未加载

评论 #14324868 未加载

评论 #14324862 未加载

评论 #14324456 未加载

ojosilva大约 8 年前

This is apparently part of coordinated ransomware campaign targeting large corporations in Europe, only a few of which are making the news at this time. Some other links:<a href="https://www.ft.com/content/74c666ec-8dc7-3b20-b573-245bc0e9d935" rel="nofollow">https://www.ft.com/content/74c666ec-8dc7-3b20-b573-245bc0e9d...</a><a href="http://www.impala.pt/noticias/pt-alvo-ataque-informatico/" rel="nofollow">http://www.impala.pt/noticias/pt-alvo-ataque-informatico/</a> [PT]

noxToken大约 8 年前

Caught wind of this earlier today with a European client. We were advised to not connect to their network via VPN. Looks like it's a large scale attack that's affecting more than just hospitals in England.These could be a coincidence though.Here is a source article talking about a Spanish TelCo: <a href="https://www.usnews.com/news/technology/articles/2017-05-12/spanish-companies-hit-by-ransomware-cyber-attack" rel="nofollow">https://www.usnews.com/news/technology/articles/2017-05-12/s...</a>

评论 #14325473 未加载

user5994461大约 8 年前

This is really fun to see two ransom threads on top of HN.This one asking for $300 to the NHS and the other one asking for $600 000 to a phone provider.Either the criminals have no idea what the NHS is or $300 is the limit of what middle managers can pay without much approval.

评论 #14325667 未加载

评论 #14326087 未加载

评论 #14325790 未加载

shubb大约 8 年前

NHS systems are remarkably un-integrated. Communication, especially between trusts and external organisations like GPs, is often by email. I'll be surprised if this isn't an email worm.

评论 #14325276 未加载

DanBC大约 8 年前

NHS Digital have released a comment: <a href="https://www.digital.nhs.uk/article/1491/Statement-on-reported-NHS-cyber-attack" rel="nofollow">https://www.digital.nhs.uk/article/1491/Statement-on-reporte...</a>===begin quote===A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack which is affecting a number of different organisations.The investigation is at an early stage but we believe the malware variant is Wanna Decryptor.At this stage we do not have any evidence that patient data has been accessed. We will continue to work with affected organisations to confirm this.NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and to recommend appropriate mitigations.This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available.Notes to editors As at 15.30, 16 NHS organisations had reported that they were affected by this issue.===end quote===I'd be interested to know how many patients are under the care of those 16 organisations.

评论 #14328203 未加载

评论 #14324952 未加载

alva大约 8 年前

Bitcoin address transactions<a href="https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn" rel="nofollow">https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNX...</a><a href="https://blockchain.info/address/1QAc9S5EmycqjzzWDc1yiWzr9jJLC8sLiY" rel="nofollow">https://blockchain.info/address/1QAc9S5EmycqjzzWDc1yiWzr9jJL...</a><a href="https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94" rel="nofollow">https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6N...</a>

评论 #14324756 未加载

评论 #14324945 未加载

pjc50大约 8 年前

NHS IT is, of course, vastly under-funded compared to even modest startups, and entangled in bureaucracy of upgrades. I used to work with someone who was one of two sysadmins for a hospital of several thousand staff.

评论 #14324549 未加载

mark_l_watson大约 8 年前

Two weeks ago I contacted my Congressman explaining how important encryption and general IT security is. While he said he agreed with me in principle, he said that terrorism is such a huge problem that things like back doors, weaker encryption, etc. are more important than strong encryption and general IT security. His reply was lengthy, but didn't say what I wanted to hear.

评论 #14325948 未加载

评论 #14328532 未加载

评论 #14328434 未加载

评论 #14326997 未加载

MichaelGG大约 8 年前

For $300, even per machine, it seems like a cheap "mind your backup/restore system" lesson.

评论 #14325899 未加载

评论 #14325978 未加载

评论 #14325655 未加载

评论 #14325503 未加载

LinuxBender大约 8 年前

Ransomware is doing a good job of partitioning sensitive data from those that should not be (mis)managing it.

TomK32大约 8 年前

Like the NHS didn't have enough problems with unhappy staff, unfilled positions and Brexit looming... very uncool.

frereubu大约 8 年前

The NHS is notorious for using outdated software, so I'm surprised it's taken so long. We build websites for third-sector organisations who often deal with the NHS and we're only just now persuading them to drop support for Windows XP / IE8.

评论 #14324702 未加载

uxhacker大约 8 年前

This must be a new virus. It is hitting Spanish and Portugese Telecoms.<a href="https://www.usnews.com/news/technology/articles/2017-05-12/spanish-companies-hit-by-ransomware-cyber-attack" rel="nofollow">https://www.usnews.com/news/technology/articles/2017-05-12/s...</a><a href="http://sicnoticias.sapo.pt/pais/2017-05-12-PT-Vodafone-EDP-e-KPMG-alvo-de-ataque-informatico" rel="nofollow">http://sicnoticias.sapo.pt/pais/2017-05-12-PT-Vodafone-EDP-e...</a> (Portuguese)The worrying part is distribution and essencial companies and services

sofaofthedamned大约 8 年前

lol<a href="https://twitter.com/GCHQ/status/863039131399663618" rel="nofollow">https://twitter.com/GCHQ/status/863039131399663618</a>

评论 #14325685 未加载

clydethefrog大约 8 年前

A Dutch news article is claiming that ransomware can be fixed by "big IT security companies". [1] I thought there was no fix to these cyber-attacks unless you have a backup. I am interested how any fixes are possible?[1] <a href="http://nos.nl/artikel/2172840-waarschuwing-voor-grote-internationale-gijzelsoftware-campagne.html" rel="nofollow">http://nos.nl/artikel/2172840-waarschuwing-voor-grote-intern...</a>

cronopios大约 8 年前

Telefónica, the main telecommunications provider in Spain, is also hit. Employees were instructed to shut down their PC's and go home.

评论 #14325468 未加载

评论 #14325342 未加载

ge96大约 8 年前

Does it not make sense to have a "sub-layer" a local network of files rather than files being accessible by outside. I guess once "something" is in, like that Iran Stuxnet PLC attack, then it's inside and can execute from within.Unless it's like a local attack whether by a worker or something like found a thumb drive outside, plugged it into my work computer.not my field

cjrp大约 8 年前

I wonder how many of these systems have already been exploited (silently) in order to extract things like patient details? Scary.

EternalData大约 8 年前

It seems like for that amount of money, you could have tried doing a bug bounty instead :/I get that this is probably social hacking/phishing, so not really analogous -- but I wonder if there's a way to apply that kind of mentality to good. I wonder if there's white hat phishing (though I guess that might be oxymoronic).

n3storm大约 8 年前

Spanish biggest telecom and others had been hit too: <a href="http://www.elmundo.es/tecnologia/2017/05/12/59158a8ce5fdea194f8b4616.html" rel="nofollow">http://www.elmundo.es/tecnologia/2017/05/12/59158a8ce5fdea19...</a>WannaCry ramsoware is the culprit.

lol768大约 8 年前

Shutting everything down seems like a really rash response, especially when these systems seem to be used for critical communication e.g. the phones too. The Twitter messages seem to suggest that doctors are seeing this on their personal machines, but why would this impact the phone system? Are they not separated out?I'm also really curious as to how this started. The article mentions a "bug" in the IT systems - some sort of novel zero day in the software they're using that was exploited remotely? Or is it more likely someone screwed up and ran something without thinking?Edit: There are reports on twitter that this is impacting X-rays, pagers as well as the phone system. This is ridiculous if true and suggests there have been some major failings when putting this infrastructure in place.

评论 #14324424 未加载

评论 #14324833 未加载

评论 #14324581 未加载

jasonkostempski大约 8 年前

This recently happened to a hospital in Buffalo NY: <a href="http://www.wgrz.com/news/local/ecmc-still-fixing-computer-system-problems/431724954" rel="nofollow">http://www.wgrz.com/news/local/ecmc-still-fixing-computer-sy...</a>

Asdfbla大约 8 年前

If only intelligence agencies spent as much money and effort on securing its critical systems as they invest in sabotaging other countries' infrastructure. Maybe putting defense first would be helpful, especially considering how easy the proliferation of offensive tools is.

fencepost大约 8 年前

Something like this (though I don't know if it was targeted or a combination of luck+poor procedures) took down > 400 medical practices hosted by Greenway a few weeks ago. Some were down for as much as 9 days, and at day 11 I know of one that still didn't have access to their scanned documents.Greenway had backup procedures in place, but they were file-based - backing up databases, transaction logs, files, etc. and able to restore them onto a new server image as required. The problem arose when they had to do that for hundreds of customer servers at once.One of my customers knew there was a big problem when she signed onto their server (Intergy On Demand, hosted by Greenway, accessed via RDP) and saw ransom icons on the server desktop.

devrandomguy大约 8 年前

I would be interesting in finding a medical doctor's or a biologist's perspective on this. Suppose we consider the NHS to be a body, in the greater environment of the internet/economy/government. What traits of that environment led to the evolution of this ransomware pathogen? Now that we have had a massive, but not lethal exposure to it, how can we build up an immunity? What changes to the environment would eliminate the refuges of this pathogen?

评论 #14326697 未加载

rdiddly大约 8 年前

"There is no evidence patient data has been compromised, NHS Digital has said."Um, doesn't "encrypted beyond your reach" fall somewhere under "compromised?"

评论 #14326836 未加载

Animats大约 8 年前

The parent article does not use the word "Microsoft".

GedByrne大约 8 年前

It says the attack hit multiple sites simultaneously. A worker said that the ransomware came through on the computers around 2pm.This doesn't sound like a spread by phishing or attachment.How could such an attach be co-ordinated?I can think of two possibilities:1) The attack has been spreading over days or weeks with a trigger date for activation. 2) The ransomware has been distributed through the desktop update system.Any other ideas?

评论 #14325827 未加载

crocal大约 8 年前

This is affecting pretty much all Europe. We are shutting down everything here: France, UK, Italy, Spain, Sweden, ...

评论 #14325583 未加载

dberhane大约 8 年前

The BMJ published an article recently about hackers targeting hospitals, "The hackers holding hospitals to ransom": <a href="http://www.bmj.com/content/357/bmj.j2214" rel="nofollow">http://www.bmj.com/content/357/bmj.j2214</a>

r721大约 8 年前

Kaspersky Lab's Analysis:<a href="https://securelist.com/blog/incidents/78351/wannacry-ransomware-used-in-widespread-attacks-all-over-the-world/" rel="nofollow">https://securelist.com/blog/incidents/78351/wannacry-ransomw...</a>

fasinfranco大约 8 年前

Maybe related to the cyber attack on Telefonica? <a href="http://www.elmundo.es/tecnologia/2017/05/12/59158a8ce5fdea194f8b4616.html" rel="nofollow">http://www.elmundo.es/tecnologia/2017/05/12/59158a8ce5fdea19...</a>

crocowhile大约 8 年前

I think the most interesting aspect of all this is that it's a clear evidence that even machines possessing highly sensitive data (like NHS computers) are super vulnerable to any remote penetration. The request for a ransom may just be the tip of the iceberg here.

评论 #14327379 未加载

rcarmo大约 8 年前

Maltracker entry: <a href="https://maltracker.net/analysis/file/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa/" rel="nofollow">https://maltracker.net/analysis/file/ed01ebfbc9eb5bbea545af4...</a>

DanBC大约 8 年前

Here's a list of the trusts / etc that are affected.<a href="https://twitter.com/ShaunLintern/status/863116822228422656" rel="nofollow">https://twitter.com/ShaunLintern/status/863116822228422656</a>

boznz大约 8 年前

Strange question but why is this data in file-systems and not on SQL/Cloud systems?

justforFranz大约 8 年前

I wonder what the odds are that an attack on infrastructure like this could kill someone?

评论 #14325887 未加载

评论 #14326504 未加载

a2decrow大约 8 年前

And this is the reason why you don't centralize critical infrastructure and don't put yourself in vendor lock-ins.Makes me wonder how many of those infected machines didn't have to be connected to the internet in the first place.

评论 #14325235 未加载

jjgreen大约 8 年前

Sounds like ransomeware <a href="https://twitter.com/asystoly/status/863027172453351424" rel="nofollow">https://twitter.com/asystoly/status/863027172453351424</a>

mobiplayer大约 8 年前

If I were CEO of one of the big companies I would fire the CIO for not tracking critical patching and I would later resign for not making him/her accountable until now.

Animats大约 8 年前

How is this attack being distributed? It can't take much user involvement, or it wouldn't be hitting large numbers of systems that only run in-house applications.

评论 #14325671 未加载

ziikutv大约 8 年前

Something like this also happened at Carleton University, but they did not pay the ransom. I assume they just used backups. They have really good (and super nice) IT people.

jumpkickhit大约 8 年前

How do these things decrypt?Couldn't someone take the "already paid" bitchain address from someone else, put it in and click "paid" with that to unlock it?

tonmoy大约 8 年前

How can I protect myself from these NSA level attacks (not attacks by NSA, but by criminals who now have these tool)? Is keeping Windows up to date enough?

politician大约 8 年前

Is it not a form of malpractice by these hospitals to be running medically critical services on obsolete unsupported devices?

la_oveja大约 8 年前

Spanish big companies like Telefonica, Inditex, Iberdrola, Endesa... are being attacked too.Seems serious.

评论 #14324509 未加载

评论 #14324410 未加载

lumberjack大约 8 年前

This is probably the first major hacking incident that will cause multiple deaths.

djsumdog大约 8 年前

So we should build backdoors into encryption to prevent this, right? /s

peteretep大约 8 年前

I guess it's only a matter of time until patient records are available.

genericacct大约 8 年前

Surely just a coincidence that BTC reached a new all time high today ?

BillFranklin大约 8 年前

On the other hand, $300 sounds like a bargain.

评论 #14326333 未加载

评论 #14324539 未加载

crocal大约 8 年前

It's a large scale attack impacting many companies. We are under attack and are shutting down everything here: France, Spain, Italy, UK, Sweden, ...

amiga-workbench大约 8 年前

Why the hell do they need thick Windows boxes to handle patient records, would a dumb terminal not do and be far more resistant to this kind of problem.

评论 #14327026 未加载

评论 #14330161 未加载

corpMaverick大约 8 年前

How long until paying ransom for a cyber attack becomes a crime ?

评论 #14325837 未加载

adv0r大约 8 年前

the same is happening in spain <a href="https://www.ccn-cert.cni.es/seguridad-al-dia/comunicados-ccn-cert/4464-ataque-masivo-de-ransomware-que-afecta-a-un-elevado-numero-de-organizaciones-espanolas.html" rel="nofollow">https://www.ccn-cert.cni.es/seguridad-al-dia/comunicados-ccn...</a>

评论 #14324642 未加载

adv0r大约 8 年前

look at what is happening in spain Telefonica giant

aluhut大约 8 年前

I'm sure some secret agency has backups of that data.

评论 #14325355 未加载

pyrale大约 8 年前

And I thought the tories were tech illiterates... they sure have improved!

评论 #14325616 未加载

easilyBored大约 8 年前

NHS in England hit by 'cyber-attack' with ransomware demanding $300 in BitcoinExcuse us but we just found out that you're NHS. Please make it $300,000 or else.Asking for just a little is a pretty good tactic, used by these guys, patent trolls and the mafia for protection money.

6stringmerc大约 8 年前

In the aftermath I wonder if we'll ever find out how the attack was enabled. As in, who opened the attachment. My hunch? An Executive high enough in Leadership who won't get fired. Will be interesting to see.

评论 #14325584 未加载

评论 #14325497 未加载

评论 #14325474 未加载

评论 #14335431 未加载

评论 #14325408 未加载

评论 #14326147 未加载

评论 #14325807 未加载

66 条评论

mvdwoord大约 8 年前

评论 #14325211 未加载

评论 #14325625 未加载

评论 #14325123 未加载

评论 #14325200 未加载

评论 #14324981 未加载

评论 #14325806 未加载

评论 #14326477 未加载

评论 #14324902 未加载

评论 #14325339 未加载

评论 #14326332 未加载

评论 #14325407 未加载

评论 #14324929 未加载

kaoD大约 8 年前

评论 #14324686 未加载

评论 #14325090 未加载

评论 #14325233 未加载

jstanley大约 8 年前

评论 #14325366 未加载

评论 #14325972 未加载

评论 #14325608 未加载

评论 #14325296 未加载

评论 #14325436 未加载

jgrahamc大约 8 年前

评论 #14324582 未加载

评论 #14324545 未加载

评论 #14325032 未加载

评论 #14325520 未加载

评论 #14325250 未加载

factsaresacred大约 8 年前

评论 #14325281 未加载

lol768大约 8 年前

评论 #14324442 未加载

评论 #14324505 未加载

评论 #14324868 未加载

评论 #14324862 未加载

评论 #14324456 未加载

ojosilva大约 8 年前

noxToken大约 8 年前

评论 #14325473 未加载

user5994461大约 8 年前

评论 #14325667 未加载

评论 #14326087 未加载

评论 #14325790 未加载

shubb大约 8 年前

NHS systems are remarkably un-integrated. Communication, especially between trusts and external organisations like GPs, is often by email. I'll be surprised if this isn't an email worm.

评论 #14325276 未加载

DanBC大约 8 年前

评论 #14328203 未加载

评论 #14324952 未加载

alva大约 8 年前

评论 #14324756 未加载

评论 #14324945 未加载

pjc50大约 8 年前

评论 #14324549 未加载

mark_l_watson大约 8 年前

评论 #14325948 未加载

评论 #14328532 未加载

评论 #14328434 未加载

评论 #14326997 未加载

MichaelGG大约 8 年前

For $300, even per machine, it seems like a cheap "mind your backup/restore system" lesson.

评论 #14325899 未加载

评论 #14325978 未加载

评论 #14325655 未加载

评论 #14325503 未加载

LinuxBender大约 8 年前

Ransomware is doing a good job of partitioning sensitive data from those that should not be (mis)managing it.

TomK32大约 8 年前

Like the NHS didn't have enough problems with unhappy staff, unfilled positions and Brexit looming... very uncool.

frereubu大约 8 年前

评论 #14324702 未加载

uxhacker大约 8 年前

sofaofthedamned大约 8 年前

lol<a href="https://twitter.com/GCHQ/status/863039131399663618" rel="nofollow">https://twitter.com/GCHQ/status/863039131399663618</a>

评论 #14325685 未加载

clydethefrog大约 8 年前

cronopios大约 8 年前

Telefónica, the main telecommunications provider in Spain, is also hit. Employees were instructed to shut down their PC's and go home.

评论 #14325468 未加载

评论 #14325342 未加载

ge96大约 8 年前

cjrp大约 8 年前

I wonder how many of these systems have already been exploited (silently) in order to extract things like patient details? Scary.

EternalData大约 8 年前

n3storm大约 8 年前

lol768大约 8 年前

评论 #14324424 未加载

评论 #14324833 未加载

评论 #14324581 未加载

jasonkostempski大约 8 年前

Asdfbla大约 8 年前

fencepost大约 8 年前

devrandomguy大约 8 年前

评论 #14326697 未加载

rdiddly大约 8 年前

"There is no evidence patient data has been compromised, NHS Digital has said."Um, doesn't "encrypted beyond your reach" fall somewhere under "compromised?"

评论 #14326836 未加载

Animats大约 8 年前

The parent article does not use the word "Microsoft".

GedByrne大约 8 年前

评论 #14325827 未加载

crocal大约 8 年前

This is affecting pretty much all Europe. We are shutting down everything here: France, UK, Italy, Spain, Sweden, ...

评论 #14325583 未加载

dberhane大约 8 年前

r721大约 8 年前

fasinfranco大约 8 年前

crocowhile大约 8 年前

评论 #14327379 未加载

rcarmo大约 8 年前

DanBC大约 8 年前

boznz大约 8 年前

Strange question but why is this data in file-systems and not on SQL/Cloud systems?

justforFranz大约 8 年前

I wonder what the odds are that an attack on infrastructure like this could kill someone?

评论 #14325887 未加载

评论 #14326504 未加载

a2decrow大约 8 年前

评论 #14325235 未加载

jjgreen大约 8 年前

Sounds like ransomeware <a href="https://twitter.com/asystoly/status/863027172453351424" rel="nofollow">https://twitter.com/asystoly/status/863027172453351424</a>

mobiplayer大约 8 年前

If I were CEO of one of the big companies I would fire the CIO for not tracking critical patching and I would later resign for not making him/her accountable until now.

Animats大约 8 年前

How is this attack being distributed? It can't take much user involvement, or it wouldn't be hitting large numbers of systems that only run in-house applications.

评论 #14325671 未加载

ziikutv大约 8 年前

Something like this also happened at Carleton University, but they did not pay the ransom. I assume they just used backups. They have really good (and super nice) IT people.

jumpkickhit大约 8 年前

How do these things decrypt?Couldn't someone take the "already paid" bitchain address from someone else, put it in and click "paid" with that to unlock it?

tonmoy大约 8 年前

How can I protect myself from these NSA level attacks (not attacks by NSA, but by criminals who now have these tool)? Is keeping Windows up to date enough?

politician大约 8 年前

Is it not a form of malpractice by these hospitals to be running medically critical services on obsolete unsupported devices?

la_oveja大约 8 年前

Spanish big companies like Telefonica, Inditex, Iberdrola, Endesa... are being attacked too.Seems serious.

评论 #14324509 未加载

评论 #14324410 未加载

lumberjack大约 8 年前

This is probably the first major hacking incident that will cause multiple deaths.

djsumdog大约 8 年前

So we should build backdoors into encryption to prevent this, right? /s

peteretep大约 8 年前

I guess it's only a matter of time until patient records are available.

genericacct大约 8 年前

Surely just a coincidence that BTC reached a new all time high today ?

BillFranklin大约 8 年前

On the other hand, $300 sounds like a bargain.

评论 #14326333 未加载

评论 #14324539 未加载

crocal大约 8 年前

It's a large scale attack impacting many companies. We are under attack and are shutting down everything here: France, Spain, Italy, UK, Sweden, ...

amiga-workbench大约 8 年前

Why the hell do they need thick Windows boxes to handle patient records, would a dumb terminal not do and be far more resistant to this kind of problem.