Out of date Operating Systems leave NHS open to latest cyber attack

Earlier today we saw the WanaCrypt0r 2.0 ransomware (the updated version of the WCry ransomware that first appeared in March) spread across the globe infecting companies and organisations ranging from Telefonica in Spain to the NHS here in the UK. @malwrhunterteam starting posting about it on Twitter when it was infecting countries other than the UK, then a few hours later there were reports of the NHS under cyber attack.

Whilst early media reports were that this was deliberately targeted at the NHS, this attack has spread far and wide with infections in at least 11 countries in the first 2 hours after initial detection. It was quickly tracked, monitored, and identified by many Information Security experts around the world. By 7.30pm (4 hours after detection) the BBC was reporting that the attack had been seen in 74 countries.

This particular ransomware targets a known vulnerability in Microsoft operating systems that was patched on 14th March this year (MS17-010) for all supported operating systems. However parts of the  NHS still run Windows XP, which Microsoft stopped supporting in 2014. Despite the NHS itself having an extended support contact for critical security updates, the affected machines were clearly not up to date.

The exploits found and patched in MS17-010 originate from cyber attack tools originating at the NSA, known as "Fuzzbunch". This shows the evil that can be done through the development of cyber attack tools for the gains of nation states. Instead of concentrating on this dangerous task, countries should focus on finding security issues for software companies to patch. 

Pirate Party UK Secretary and IT Security Expert, Matt Johnson said:

"Keeping up to date with security patches is of upmost importance, especially in organisations such as the NHS that hold sensitive data and run vital life-critical services. Due to cuts and lack of infrastructure investment we are now starting to see the results of not having a good cyber plan. Despite the huge investment in the new National Cyber Security Centre there has clearly been no proper consideration of the many other services that need looking after.

"Those currently identified as vunerable to the ransomware are all Windows users, for versions from XP through to Windows 10.

"It's vital you ensure you take appropriate measures in terms of anti-virus and firewall precautions, and most importantly you must update your system regularly. Since the vulnerabilities were fixed, in MS17-010 you can easily protect yourself against this attack.

"Currently the ransomware is spreading at a rate where shortly before 16:00 today there were over 9,000 infected individual IP addresses.

"This malware works by pivoting from machine to machine using a Server Message Block (SMB) exploit (utilising a mechanism used for connecting to network drives). This means that when an infected device connects to your network or you connect to a network that contains an infected device, it will attempt to execute the malware on your machine remotely and automatically infect you. 

Advice for the individual is to be vigilant. Don't connect to public Wifi with a vulnerable (Windows) machine, and prevent any untrusted or infected device from connecting to your home network. If you have a vulnerable machine, isolate it from your network if you cannot secure your network.

"We need to be cautious and rational in our reaction to these attacks. The Pirate Party proposes better education around technology to understand it's defects, vulnerabilities, and how to protect yourself - we must not allow those who wish to stifle our access to new technologies or those who simply don't understand the modern world to breed a culture of panic and fear when such cyber attacks are identified."


About Pirate Party UK

The Pirate Party in the UK is a fledgling political party. It has fielded a few candidates in European and National elections, but like most small parties it is significantly constrained by the UK electoral system. Despite this, the Pirate Party has started to poll alongside major parties and is looking to build support from the grassroots. The party is standing 10 candidates in the June 2017 General Election.

Find out more about the UK Pirate Party at https://pirateparty.org.uk/ or contact campaigns@pirateparty.org.uk 

Friday, 12 May, 2017 - 21:00

About the Press Team

Pirate Party spokespeople are always ready to give a lively, informed, and often provocative view on the issues of the day. Whether it's tech politics, civil liberties, the EU, local issues or anything else we'll have something to say.

How can I contact the Press team?

For interview requests, specific statements or quotes email the Press Office at press@pirateparty.org.uk.  You can sign up to receive press releases or find more contact details on our contact page if you would like to get in touch with a specific person or team.

If you would like further information about a specific person you can find biographies and images on their profile page by searching our staff and volunteer list and you can access some of the many appearances online, in print, on TV and radio from our press hits.