Tuesday, 25 July, 2017

Trusts were told about security patch last month — NHS cyberattack

Melissa Porter | 17 May, 2017, 13:03

"The growth rate of infected institutions has slowed significantly on Monday compared to the previous two days", Chinese Internet security company Qihoo 360 said, as cited by Reuters.

The ransomware worm that took the world by storm over the weekend, WannaCry, has brought to light the fact that many companies outside of the United States may not be properly insured to deal with the financial damage caused by the attack.

There are apprehensions that a second wave of the attack may arrive Monday as employees return and switch on affected computers.

There are several factors in play.

Though a British security researcher "MalwareTech" managed to stop the spread of the virus, hackers have issued new versions that cybersecurity organisations are trying to counter.

At least one strain of the ransomware has proven especially vicious. Something as simple as bringing in a USB (thumb drive) from your home to transfer large files from one computer to another could have the same effect, if the USB has been infected. "The governments of the world should treat this attack as a wake up call". Previous attacks targeted one machine at time. They were installing software to fix the problems.

In Britain, whose health service was among the first high-profile targets of the attack on Friday, some hospitals and doctors' offices were still struggling to recover.

Security agencies are hunting for those behind a crippling cyberattack which has so far hit hundreds of thousands of computers worldwide, including at government agencies, factories and health services.

Energy giant PetroChina said payment systems at some of its petrol stations were hit, although it had been able to restore most of the systems.

Russian Central Bank: State media agency Tass reported the bank discovered malware bulk emails to banks but detected no compromise of resources.

"That's what makes this more troubling than ransomware was a week ago", Thakur said.

On Monday NHS Digital said it had posted a patch to prevent such an attack on 25 April and that the WannaCry incident would have been prevented if all NHS organizations had installed the patch on their systems.

Security experts have warned that ransomware is the fastest growing form of computer virus. The statement said antivirus systems are working to destroy it.

Megafon: A spokesperson for Russian telecommunications company Megafon told CNN that the cyberattack affected call centers but not the company's networks. He said the situation was under control. Since the PCs are no longer patched by Microsoft, it's highly likely these devices are unprotected and potentially littered with vulnerabilities that could be exploited by a cyber criminal.

Barts Health Trust in London, the largest NHS trust, was affected and their computer system remains unusable.

"As regards the source of these threats, I believe that the leadership of Microsoft have announced this plainly, that the initial source of the virus is the intelligence services of the US", Putin said. "We will continue to work with affected (organizations) to confirm this", the agency said.

Some patients have been told their appointments today have been cancelled, but the East and North Hertfordshire NHS Trust advises people to attend appointments unless they have been told not to.

The government held an emergency ministerial meeting on Saturday and was due to meet again on Monday.

Last year, the NHS data guardian issued a specific warning in her annual report about the dangers of using out-of-date software - mentioning this could lead to a cyberattack.