facebook rss twitter

Ransomware Wanna Decryptor causing IT failures across NHS

by Mark Tyson on 12 May 2017, 16:45

Tags: UK Government

Quick Link: HEXUS.net/qadhfx

Add to My Vault: x

NHS England's local NHS systems and IT services have been buckling under "a suspected national cyber attack", according to reports coming through this afternoon. Areas noted to have been affected include; London, Blackburn, Blackpool, Nottingham, Cumbria and Hertfordshire.

In Blackpool, for example, phone and IT systems used by GPs have been shut down with doctors resorting to pen and paper. Similarly phones and IT systems in at the East and North Hertfordshire NHS trust which are reportedly out of action. Even more concerning are reports that people are being asked to stay away from A&E departments at hospitals in the two affected regions mentioned above. I'm sure most people would prefer not to go to A&E but are simply compelled to due to emergency… Computers working or not.

Wanna Decryptor Ransomware

In a statement published a few minutes ago by NHS Digital, initial investigations are said to be pointing at the Wanna Decryptor Ransomware malware. The agency doesn't think that patient data has been accessed or stolen. Indeed Wanna Decryptor's modus operandi is to encrypt your documents and files and demand cash to decrypt them for you.

NHS Digital says that the Department of Health and NHS England weren't the only government targets in this attack. At the time of writing 16 NHS organisations have reported being affected by the malware.

UPDATE:

Microsoft has been working to issue patches in light of the large scale ransomware attack that affected some 99 countries yesterday.  It has issued patches for WIndows XP and other custom support platforms. A TechNet blog post is available explaining the move and providing guidance.



HEXUS Forums :: 46 Comments

Login with Forum Account

Don't have an account? Register today!
I'm sorry but I did have to lol a little bit. I've heard how bad the IT departments are and this kinda confirms it
It looks like Spain has also been hit by the same attack, so this is quite a bit more widespread than originally thought.
How stupid do you have to be to do this getting on the craplist of just about every intelligence agency everywhere. Trying to extort money but instead throwing your whole life away for nothing.
Skorne
How stupid do you have to be to do this getting on the craplist of just about every intelligence agency everywhere. Trying to extort money but instead throwing your whole life away for nothing.

It's nice they also decided to target a service which will affect I'll patients too. Perhaps they think the NHS data is important enough that they'll get the ransom.
DBAN all the PC's and servers
Image them using SCCM
Restore data from backup

About a week's job, Could be done over the weekend with a lot of manpower.