Non-motoring > NHS Cyber attack | Miscellaneous |
Thread Author: CGNorwich | Replies: 70 |
NHS Cyber attack - CGNorwich |
Went to my Doctor's surgery today. Virtually shut down as all comouter systems are out. Understand the hospital is similarly affected. www.bbc.co.uk/news/live/39901370 |
NHS Cyber attack - tyrednemotional |
...it's a virus......... |
NHS Cyber attack - Manatee |
Or somebody in the data centre has a hacking cough. |
NHS Cyber attack - Robin O'Reliant |
Must be a bug going round. |
NHS Cyber attack - zippy |
If they ever catch the scum behind this and they are in a country that has a proper legal system, I hope that they figure out a way to keep them in prison for a very, very long time. |
NHS Cyber attack - Focal Point |
I read a news item on this that seemed to imply the NHS, or individual trusts/hospitals, is still using Windows XP. Apparently this latest exploit did not/could not affect Windows 10. Even with the financial issues that must be involved, does the NHS think that it is not worth upgrading? |
NHS Cyber attack - Bromptonaut |
>> Even with the financial issues that must be involved, does the NHS think that it >> is not worth upgrading? I suspect the issues involved in upgrade go well beyond the cost of new OS software/licences. Even within an individual trust or GP practice there will be bits of bespoke and legacy software in critical function which may have compatibility issues in an upgrade. It would need to be thoroughly tested and perhaps modified, a real problem with bespoke stuff where the original support is no longer extant. Of course it needs to interact with related NHS bodies too. Be intersted in perspective of our resident IT professionals. A couple of personal anecdotes: One of my forst encounters with IT in the Civil Service was in a cashier unit providing a service to three disparate public facing teams. One used a Solicitors accounting package originally supplied with hardware by Burroughs and with significant bespoke additions. After Burroughs became part of Unisys support for the bespoke stuff ended - I cannot remember the full history. There was one man who worked from home who could provide software updates which of course we needed from time to time. Much later and in another organisation we migrated from NT to XP. We, a small Quango, had very little bespoke stuff by then, mostly data functions running in MS Access and all pretty straightforward. But across whole of the Dept it was a massive project of documenting, testing etc. Seem to recall noticing that supermarket checkouts in one chain (Sainsbury) are XP based. Last edited by: Bromptonaut on Sat 13 May 17 at 11:19
|
NHS Cyber attack - sherlock47 |
Zero will know more detail, but I believe that some ATMs are (were?) XP based. That could cause some embarrassment ! Some petrol pumps are XP based. I was somewhat concerned when a a pump crashed to a BSoD during PIN entry during a unattended pump pre-authorisation- I suspect that it could be possible to capture un-encrypted card details and PIN information at that point if somebody was smart enough. I watched the screen as the pump then successfully rebooted itself with a DOS style screen display. I declined to repeat the entry at that point, and spoke with the Fraud line at Bcard.. |
NHS Cyber attack - Zero |
>> Zero will know more detail, but I believe that some ATMs are (were?) XP based. >> That could cause some embarrassment ! Indeed a large percentage of ATMs are still XP based. However due to the way they are attached to the network, and the file sharing services this crypto hack uses are stripped out, then this is unlikely to affect ATMs. That's not to say that ATMs are hack proof, they ain't and they have been, far more often than your bank is prepared to admit. Big lesson, never open attachments you are not expecting, or know what they are. Crypto locker hacks are the single biggest threat around at the moment |
NHS Cyber attack - Falkirk Bairn |
NHS bodies in Scotland seem to have got off lightly - GP systems (Windows) & some peripheral systems in NHS - I think this is down to luck or rather failing to upgrade. When I was last in hospital, 2010, the system was an old ICL/Fujitsu patient record system that was so old it did not conform to really anything other than 1980s technology. The PCs at the front end were Windows XP & assume that the applications were glued together with the ancient backend patient record system. As there have been no outcries of £XXXm hospital sysytem failing in the last 7 years I have to assume it still the old systems limping along. The out of hours system (NHS24) has spent £200m, 3 years behind & it will be ready by Christmas (No year mentioned)!! A son works for a merchant bank - their PCs are the latest BUT are locked down & are effectively "intelligent dumb terminals" as all the programmes, processing & data are held on a Central system & the end user has no access to functions on the PC (for example USB ports function disabled, no access to local hard drive etc etc). It is all to do with CONTROL - that is what the NHS (& other Government Depts need) - the DWP system that pays Family allowances, Old Age Pensions etc is something like 30 year old software running of 15 year old hardware - Fujitsu wants to get out of it BUT getting IT Systems & Government to work is the stuff of Science Fiction!!) |
NHS Cyber attack - Dog |
Renault have been hit now, so their cars wont be as reliable as they usually are. :} |
NHS Cyber attack - madf |
Microsoft have stated that no-one has been affected on the latest Windows version with Updates and Internet security on. Ergo - all those affected are run by numpties (out of date software, security poor, allow games, allow USB connections of memory sticks, no backups/backups do not recover.) As far as IT goes, the NHS should have standardised procedures , systems and hardware and operating methods..As it is centrally run, it says much about the quality of management that it does not and this can happen. |
NHS Cyber attack - zippy |
We switched out from XP in 2015 and a huge number of legacy systems had to be checked for compatibility. It was a huge expense. Laptops had to go to major offices for a weekend which meant a lot of staff lost the Friday and Monday commuting to offices. A lot of laptops that couldn't run newer versions of Windows had to be replaced. I wonder what the Information Commissioner will have to say about the management of the NHS IT system as it was left open to this particular known vulnerability that could have easily have stolen data? All staff where I work have to sit six monthly training and exams re data protection and security. IT staff have to go through even more thorough mandatory training. The NHS seem to persecute whistle blowers and I wonder if this is one of the reasons why their IT teams have not spoken up about the ancient operating systems being used? |
NHS Cyber attack - Zero |
>> Ergo - all those affected are run by numpties Corporates will point you to the windows 10 users with updates on who were crippled by a Microsoft patch. No large corporates use MS updates natively, Internet security had nothing to do with this hack, it's a very clever one stolen from the NSA >> the NHS should have standardised procedures , systems and hardware >> and operating methods..As it is centrally run, it says much about the quality of management >> that it does not and this can happen. The NHS is not centrally run, it's a series of independent trusts >> >> |
NHS Cyber attack - sooty123 |
> As far as IT goes, the NHS should have standardised procedures , systems and hardware >> and operating methods..As it is centrally run, it says much about the quality of management >> that it does not and this can happen. I don't think it is centrally run, there's a health dept of course but i bet alot of things are left to each health trust to run and decide on. |
NHS Cyber attack - sooty123 |
Where i work there's still computers running on windows 95/98 and will be for quite a few years to come. |
NHS Cyber attack - Dutchie |
A mighty cock up by a simple virus according to a ex hacker.Outdated I.T.systems makes you wonder who really runs the show in the Jewel of the Crown. |
NHS Cyber attack - Zero |
>> A mighty cock up by a simple virus according to a ex hacker. Nothing simple about it. The payload is devastating and unretrievable, its delivered by deceptive social engineering, and spread/propogated using two separate hacking tools developed by the NSA then stolen, and only just fixed by a matter of months in Windows 10. The NHS is not the only organisation to get hit, this is the biggest exploit for some years. |
NHS Cyber attack - spamcan61 |
This attack has caused major problems for 'blue chip' companies in countries scattered around the globe, so it's a tad far fetched to blame it on outdated NHS IT systems |
NHS Cyber attack - henry k |
20+ years ago I and others in a worldwide household name company tried and tried to get the board to understand how important it was to have a director directly involved responsible for computer security. . Even we told them " Forget it was called computer security it is now Business Continuity and it really does mean a failure could take the company down" The approach to Y2000 was well done with a total audit of PCs plus odds and sods of programs. That slimmed down the varieties of PCs, programs etc. I think flushed with that success they then relaxed and took their eye off the ball. Now " Its not our problem cos it is outsourced" Too big to fail ? It is not like you can just chuck money at it. |
NHS Cyber attack - Dulwich Estate II |
If only the NHS had layer upon layer of extremely well paid managers to monitor every aspect of how it all functions this would not have happened . . . . . er. . . hang on a minute . . . Will heads roll over this debacle ? No. Will whistleblowers still get sacked ? Yes |
NHS Cyber attack - Zero |
Everyone is getting all agitated because its the NHS. Would you still be whining about layers of managers, whistleblowers, head rolling if it was say, Nissan? Oh it was! And Fedex, and a major spanish bank and and and You are all like baying knitting women at the guillotine. |
NHS Cyber attack - zippy |
>> Everyone is getting all agitated because its the NHS. Would you still be whining about >> layers of managers, whistleblowers, head rolling if it was say, Nissan? Oh it was! And >> Fedex, and a major spanish bank and and and >> >> You are all like baying knitting women at the guillotine. >> We all have an investment in the NHS via our taxes and as politicians insist on running it, it gives us the opportunity to comment on it and the running of it. If it were a private hospital we wouldn't care. |
NHS Cyber attack - CGNorwich |
Yes easy to overreact and it would seem the vast majority of thee NHS systems are now up and running which perhaps indicates their resilience and strength rather thN the opposite. Having worked in the private sector I suspect thart they have as many or even more computers systems disasters and waste more money than the public sector. They are just better at hiding the cock ups, not being subject to public scrutiny. Last edited by: CGNorwich on Sat 13 May 17 at 19:07
|
NHS Cyber attack - Cliff Pope |
No problems at our surgery. Patient records are kept in paper folders and they communicate with the hospital by letter. The hospital database must use Windows 3.1 - Our address was changed by the Post Office in 1985, but the hospital system won't recognise that. Letters take a few months to arrive. |
NHS Cyber attack - Mike Hannon |
>>We all have an investment in the NHS via our taxes and as politicians insist on running it, it gives us the opportunity to comment on it and the running of it. If it were a private hospital we wouldn't care.<< Not even if it was still about people - ie, our fellow man/woman? |
NHS Cyber attack - Focal Point |
"No problems at our surgery. Patient records are kept in paper folders and they communicate with the hospital by letter." This must be the same "system" as used by my surgery, which to date has received no record of my procedure in hospital in January of this year. Mind you, the hospital itself wasn't much better. It sent me a further invitation for my procedure shortly after I was discharged after the op. |
NHS Cyber attack - Falkirk Bairn |
>>the vast majority of thee NHS systems are now up and running The floods might have receded but the damage will take ages to put right - if ever! |
NHS Cyber attack - zippy |
>> >>the vast majority of thee NHS systems are now up and running >> >> The floods might have receded but the damage will take ages to put right - >> if ever! >> As I understand it, the files have been encrypted and it would take ages to encrypt them. We only have enough local storage for a days work on our laptops and PCs with everything stored on a server. The server gets backed up nightly and regular snapshots are taken throughout the day so I would hope that if something like this happened only a few hours of work would be lost. I hope the NHS have a similar system. Last edited by: zippy on Sun 14 May 17 at 16:12
|
NHS Cyber attack - Zero |
>> As I understand it, the files have been encrypted and it would take ages to >> encrypt them. Its not possible to decrypt them without the key. In the past they key has been hidden in the exploit itself, but not this time. >> We only have enough local storage for a days work on our laptops and PCs >> with everything stored on a server. The server gets backed up nightly and regular snapshots >> are taken throughout the day so I would hope that if something like this happened >> only a few hours of work would be lost. One of this infections nasty little side effects its to turn off snapshots and backups, and if the shadow/backup/snapshots are available on a network, they get encrypted too. Recovery is via offline/offsite backups. Last edited by: Zero on Sun 14 May 17 at 18:20
|
NHS Cyber attack - Rudedog |
This all seemed to kick-off proper just as I was logging-off on Friday, although we had had several warning messages sent to 'all-users' via our Helpdesk warning of a potential threat happening, all NHS users have to use NHSMail2 to send messages, it wasn't that long ago (if you remember) that we had the UK issue of when a single email was sent 'reply to all' from a GP surgery asking to be removed from a group-list which almost brought the service down and that was purely by accident. IM&T updates will only happen if the money comes from central government and is ring-fenced for this purpose, two weeks ago our department had all of our XP's upgraded to Win 7, unfortunately this also required an hardware upgrade at the same time for them to be able run Win 7, guess what.. we didn't get 'new' PCs just refurbished ones which all varied in condition. Unfortunately on Friday there were plenty of 'armchair' IT experts on the radio saying how easy it is to 'fix' the IT systems in the NHS….. obviously none of them have worked on the 'coal face' in the NHS! |
NHS Cyber attack - zippy |
>>Unfortunately on Friday there were plenty of 'armchair' IT experts on the radio saying how easy it is to 'fix' the IT systems in the NHS..... obviously none of them have worked on the 'coal face' in the NHS! It is never going to be easy and it is never going to be cheap. Refurbished equipment, it just brings the upgrade date around sooner! Our IT department lives in a bunker. They shred the hard drives and motherboards on end of life equipment. Last edited by: zippy on Sun 14 May 17 at 23:13
|
NHS Cyber attack - Hard Cheese |
>> >> >> Refurbished equipment, it just brings the upgrade date around sooner! >> Not necessarily - a PC circa 2009 running a decent Core 2 Duo processor will blitz through virtually any current application, and a good graphics card of the same era will run virtually any current display. PC's don't need to be any more powerful than that and it is only software compatibility and not computing power or reliability that drives the obsolescence. I take some perverse pride in keeping my E8400 Core 2 Duo workstation running, currently on Win 7 Pro as I prefer it to 10, it flies using a Sandisk Ultra SSD to run the OS and a conventional drive for storage, I cloned the hard drive and let that update to 10 before last year's July deadline so can revert to 10 any time. |
NHS Cyber attack - Hard Cheese |
and it is only software compatibility and not computing power or reliability that drives >> the obsolescence. >> In other words much better to keep hardware estates longer and invest in security and refine that security rather than regularly update hardware and introduce vulnerabilities. |
NHS Cyber attack - Zero |
>> and it is only software compatibility and not computing power or reliability that drives >> >> the obsolescence. >> >> >> >> In other words much better to keep hardware estates longer and invest in security and >> refine that security rather than regularly update hardware and introduce vulnerabilities. Not really, in the past IT security was not so much a threat. Today it is, and as a consequence security is built in (or attempted) fr the ground up, sometimes at hardware and microcode level. |
NHS Cyber attack - No FM2R |
Why do you prefer W7? W10, at least the interface, isn't all that different. And where it is different, I prefer it. I rarely have any difficulty with W10, not that I really had any with W7 either mind you. Vista was nasty. |
NHS Cyber attack - Zero |
Windows 10 is fine now, I finally upgraded from 7 this year, following my "never be an early adopter" strategy. |
NHS Cyber attack - Hard Cheese |
>> Why do you prefer W7? >> 10 is fine, I use it on my laptop, though I prefer the 7 GUI, the start menu, the general look and feel. And some aspects of 10 are a mix of graphic styles, like settings which is in the more contemporary 10 style and control panel that's lifted from 7. It's not perfectly integrated and that grates. |
NHS Cyber attack - Lygonos |
Our practice still makes a daily back-up of all our on-site server data on 2 separate hard drives at the end of the working day. Is this more or less susceptible to hacking than having a remote server (which has been mooted as best practice by many)? I presume it is safer to do what we currently do but the IT skills are weak with me. |
NHS Cyber attack - Zero |
>> Our practice still makes a daily back-up of all our on-site server data on 2 >> separate hard drives at the end of the working day. >> >> Is this more or less susceptible to hacking than having a remote server (which has >> been mooted as best practice by many)? >> >> I presume it is safer to do what we currently do but the IT skills >> are weak with me. This exploit was very good at finding and attacking stuff it found on networks, and was virulent in its spread. (which is why it spread through the NHS, because of interconnection) IF your on site backups are connected all the time on the same network, they too could have been compromised. You need a separate backup on a different logical network, through a firewall with most of its ports blocked. Or only have your backup drives mounted at the time they are required, IE after you know the days data is good. On site backups? so what happens if there is a fire, or the roof caves in and floods your server? Remote backup is always safer for very many reasons. Last edited by: Zero on Mon 15 May 17 at 08:57
|
NHS Cyber attack - Falkirk Bairn |
>>Remote backup is always safer for very many reasons. Back up on to 2 hard drives - 1 fixed in the office, the other portable - put it in a fireproof box or take it homethe car when going home - 2Gb drives are very cheap. |
NHS Cyber attack - Lygonos |
>>On site backups? so what happens if there is a fire, or the roof caves in and floods your server? The data is backed up onto 2 separate drives that are taken off the premises (pretty much for the reason you mention - fire/flood/epic IT fail - they are only hooked up at the end of the day to make the back-ups. Presumably a virus could remain latent in the server data and be 'backed up' inadvertently at the end of the day to be deployed at a later date? |
NHS Cyber attack - commerdriver |
>> Presumably a virus could remain latent in the server data and be 'backed up' inadvertently >> at the end of the day to be deployed at a later date? >> >> Yes, that is why most places will keep several levels of backup, usually a series of 7 or even 31 daily backups so that you can go back to a copy before the virus was on the system. |
NHS Cyber attack - No FM2R |
>>Presumably a virus could remain latent in the server data and be 'backed up' inadvertently at the end of the day to be deployed at a later date? Absolutely. You need to have a strategy which covers your needs. To have an appropriate strategy you need to differentiate between a "disaster" and a "bad thing". What you are trying to guard against is a disaster. To guard against bad things typically costs to much time, money and effort. Daily backups, then taken off site will at best protect you from loss of disk, loss of computer, loss of building. However, what happens if the building catches fire while you're actually doing the backup? So now you know you need two backups so that there is always one off site while the other is in the building being updated. So now you know that if the worst comes to the worst you could lose 24 hours data. Is that a bad thing or a disaster? If its a bad thing, then probably you should accept the risk. If its a disaster then you need to think more. Should you have shadow copies of some sort, perhaps remotely? Assuming that's practicable. That way you are protected from virtually, but not all, potential loss. You would still be vulnerable to deliberate or accidental deletion which is why you need your own off -site backups as well. However, as you mention, your backup, or indeed your cloud copy, could be replicating the malware, virus or corruption. Also, you say you are backing up data, so presumably your programs, applications and similar remain at risk. Perhaps maybe you should consider something like a major quarterly or monthly full image backup as well? If you have two sets of nightly backups, you can only ever roll back 48 hours if you find you have a problem. Maybe a monthly or quarterly backup would give you the facility to roll back much further. And so it goes on. There is an economic and appropriate backup strategy for you. But first you have to determine what you are trying to protect against, and where the line between disaster and bad thing lies. How many days data loss represents a disaster? Is there some data loss which is a bad thing and some which is a disaster? How many days down time is a disaster? If you lose your building, is that a disaster or a bad thing? Does it take all your software, licences and installation media with it? How recoverable are they? If someone breaks in and steals all your technology, how bad is that? etc. etc. I should think something like an online offsite replication/shadowing solution, nightly backups and monthly images should cover you. Sorry to go on so much, Disaster Recovery Strategies are one of my "things". |
NHS Cyber attack - Hard Cheese |
>>Disaster Recovery Strategies are one of my "things". >> Aha, do you cause many then? ;-) |
NHS Cyber attack - No FM2R |
8-) I try to restrict myself to dealing with other's dastardly deeds, |
NHS Cyber attack - zippy |
>>Disaster Recovery Strategies Reminds me of an incident at my last employer. A large and business critical regional office was flooded on a weekend and staff were texted to either make their way to the disaster recovery site on Monday morning or arrive at a local car park where coaches would ferry them some 50 or so miles to a dedicated disaster recovery centre. They dutifully turned up at the centre only to be told that they weren't expected and would not be accommodated! Of course no one could call the disaster recovery company as all the contact details were in the flooded offices. Significant sums had been paid to the company monthly for access to the site in an emergency and dry runs had been made to check that it had computers, connections to the ex employers back office system etc, of course all by appointment! The contract was promptly cancelled and an alternative set up. In the meantime the IT department set people up to work from home, shipped others to offices around the country etc. |
NHS Cyber attack - Zero |
> >> The contract was promptly cancelled and an alternative set up. In the meantime the IT >> department set people up to work from home, shipped others to offices around the country >> etc. You can't blame the DR contractor, all DR contracts have "invocation procedures". You can't, and never could just rock up without invoking the DR company and the processes. |
NHS Cyber attack - commerdriver |
>> Is this more or less susceptible to hacking than having a remote server (which has >> been mooted as best practice by many)? >> Identical in terms of susceptibility to hacking but a viable alternative as far as recovery from a hack such as this one goes. Real time backup to a remote server throughout the day gives the best result from a data loss point of view. Where are your backups kept? If the practice had a major fire are all your copies in the same place? |
NHS Cyber attack - Bromptonaut |
>W10, at least the interface, isn't all that different. And where it is different, I prefer it. Use 10 at home and 7 Pro at work and shift between them without a problem. The issue I do have is that there seems to be no restriction on people 'customising' machines to their own preference with desktop apps and fancy graphics. In the paid role I share a PC with another part timer. We're both happy with it in windows classic view and the same suite of tabs/favourites. If I use someone else's desk I spend 20minutes finding where they've hidden stuff and dealing with fact that every PC seems to have different defaults for saving files. |
NHS Cyber attack - Mapmaker |
The big problem is unnecessary increases in computing power. If XP on a Pentium (or whatever) was good enough for running a diary and a bit of word processing a decade ago, then it's as good today. The computer and software manufacturers are in league to build in obsolescence so they can sell you new stuff. |
NHS Cyber attack - Hard Cheese |
>> The big problem is unnecessary increases in computing power>> >> The computer and software manufacturers are in league to build in obsolescence so they can sell you new stuff. >> Totally, as I said above an 8-10 year old machine will run today's OSs and applications with no trouble. PCs don't need to be any more powerful than a decent Core 2 Duo and video graphics achieved a level at that time that 99% of people would not perceive as any worse than is typical today. |
NHS Cyber attack - commerdriver |
>> The computer and software manufacturers are in league to build in obsolescence so they can >> sell you new stuff. >> Bit strong MM :-) The computer manufacturers make faster machines because many people want faster machines. The software manufacturers, similarly, introduce extra functions many people want While I agree that many users are happy with basic functions which would run on older machines and older levels of software there is a limit to how many different software and hardware levels and combinations thereof manufacturers can support. If you want to run old hardware and software you are thus on your own when it comes to compatibility with things like webpages, document interchange etc, and especially, as we have seen this weekend, security. Same thing is happening around us as older vehicles are effectively being priced out of cities as they are "more polluting" even though they still get people from A to B. |
NHS Cyber attack - Zero |
Windows will always deteriorate into a thing that feels like a sloth in treacle. The more savvy can fix it with a reload, usually using a clone taken when it was fresh and set up the way you want it. The less savvy will pay someone to do it, from install media The even less savvy will buy a new PC. |
NHS Cyber attack - Bromptonaut |
>> The even less savvy will buy a new PC. Just bought a new PC to replace my 'desktop' laptop - an under specced Packard Bell with occasional hardware issues. I inherited that four years ago when The Lad found it's HDD too small for his music etc. library. Best price for what I wanted was at PC World. Got usual sales pitch for warranties, set up and creation of restore media etc etc. Don't worry says I, been messing with computers since mid nineties (ie before sales lad was a zygote). Had it up out of the box in 15minutes - far easier than last time - XP era - I had a brand new one of my own. Was also told that pre 2010 versions of MS Office are incompatible with Win10 and offered a 'good' price for latest version. I rarely use the programme but it's worth having Word and Excel for odd bit of household admin and Office 2003, for which I have a CD, fulfils my needs. Offer declined on basis that I'd use Open Office if necessary. Surprise, surprise Office 2003 installed with only a minor stall for some files to be skipped. |
NHS Cyber attack - Hard Cheese |
>>Was also told that pre 2010 versions of MS Office are incompatible with Win10 and >> offered a 'good' price for latest version. I rarely use the programme but it's worth >> having Word and Excel for odd bit of household admin and Office 2003, for which >> I have a CD, fulfils my needs. Offer declined on basis that I'd use Open >> Office if necessary. >> >> Surprise, surprise Office 2003 installed with only a minor stall for some files to be >> skipped. >> Office 2007 is officially compatible with 10 IIRC and is actually very contemporary giving away little to new versions, I still use it on my now Windows 10 with SSD laptop. Office 2003 was the last of the old gen and is a little dated now. Conversely I use Office 2010 on my 7 workstation and see no need at all to upgrade. |
NHS Cyber attack - nice but dim |
>> The even less savvy will buy a new PC. The even more savvy will fit an SSD. Last edited by: VxFan on Mon 15 May 17 at 12:45
|
NHS Cyber attack - Hard Cheese |
>> >> The even more savvy will fit an SSD. >> Yes, there is a lot to be said for that, I have fitted an SSD to my laptop and run the OS and applications on an SSD on my workstation, the latter starts up and shuts down in about 35 secs and hardware intensive stuff in Photoshop etc wiz along, in fact with a conventional HDD Photoshop used to take 10-15 secs to load, with the SSD it's less than a second, no other hardware changes. though apparently statistically SSDs are more likely to fail than conventional HDDs still though so I entrust my data to the latter. |
NHS Cyber attack - Hard Cheese |
>> >> While I agree that many users are happy with basic functions which would run on >> older machines and older levels of software>> The point is that the older machines are quite capable of running the new software. Regular software updates make great sense of course, however I reckon that say, upgrading hardware every six years rather than three and in the meantime spending resources on battening down security, and maintaining user familiarity vi progressive change, unfamiliar users is a vulnerability. |
NHS Cyber attack - Old Navy |
My doctor's surgery and local pharmacy IT must be OK, yesterday I submitted an online request for repeat prescription drugs. Approved this morning and will be ready for collection tomorrow. |
NHS Cyber attack - Mapmaker |
Having thought about it, I think Microsoft have a corporate responsibility and culpability in this. If you buy an MRI scanner with a 30 year life, then the BBC Model B that was able to operate it when it was first purchased will be just as able to operate it at the end of its design life. The machinery does not require the bloatware that requires the hardware upgrades that allows bloatissumusware etc. etc. MIcrosoft are well aware that much older equipment is perfectly well running machinery. Their refusal to keep patching old OSs is unreasonable. They know perfectly well that there is a public health benefit to keeping such machines going and a charitable benefit in allowing those in, say, third world countries to continue with their old machines. Yet they won't do it. And they have taken themselves into a position of world domination whereby everybody is reliant on their software. Time for the G20 to stand up to them and make them work for a living. If the entire world - based on their machines - collapses then the inevitable global recession will hit them harder than most. |
NHS Cyber attack - Hard Cheese |
>> Having thought about it, I think Microsoft have a corporate responsibility and culpability in this. >> >> If you buy an MRI scanner with a 30 year life, ... >> I reckon an MRI scanner may well be offline running legacy XP, Win 2000, NT etc. The encryption problems will affect the email system, HR systems, financial data, word processing, appointment systems, letters etc etc. |
NHS Cyber attack - commerdriver |
>> Having thought about it, I think Microsoft have a corporate responsibility and culpability in this. >> >> If you buy an MRI scanner with a 30 year life, then the BBC Model >> B that was able to operate it when it was first purchased will be just >> as able to operate it at the end of its design life. Without apologising for Microsoft , realistically expecting support for 30 year old IT hardware and software i is unreasonable. In the example you mention do the BBC still support the BBC Model B. Also 30 years ago we were on windows 3.1.1. for such devices. Windows XP was not sold after 2008 and went out of support in 2014, 6 years later Without upgrading, any hardware purchased in that timeframe has a number of ways it could have been upgraded in software terms if users had made the effort. If you want to use a standalone device with it it will still work. If you want to attach it to the real world where there are some nasty clever people with much better kit that you need to protect yourself from those threats by putting something better in your machine or putting it behind a nice, robust firewall. >> Their refusal to keep patching old OSs is unreasonable. >> No it isn't, they have provided plenty of options and plenty of notice of support ending In my opinion anyway. |
NHS Cyber attack - Old Navy |
Try getting full manufacturer support and parts availability for a 30 year old Fiesta or any run of the mill car. Or your shiny new one in 30 years.
Last edited by: Old Navy on Tue 16 May 17 at 15:48
|
NHS Cyber attack - Crankcase |
In 2014, a Government purchasing agency struck a 5.5 million quid deal to extend MS XP support for the NHS for a year. The NHS were apparently "grateful" for the breathing space. And of course, "The government expects the majority of machines to be upgraded from Windows XP by April 2015." www.theguardian.com/technology/2014/apr/07/uk-government-microsoft-windows-xp-public-sector Last edited by: Crankcase on Tue 16 May 17 at 16:10
|
NHS Cyber attack - BrianByPass |
>> XP support for the NHS for a year. >> NHS apparently use Sophos to protect their dystems. The image below shows Sophos adverts before and after the attack: regmedia.co.uk/2017/05/15/sophos_nhs.jpg (courtesy of www.theregister.co.uk/2017/05/15/sophos_nhs/ ) |
NHS Cyber attack - Zero |
>> Having thought about it, I think Microsoft have a corporate responsibility and culpability in this. You need to go and have a rethink about it. When Software is sold, it is sold with T&Cs saying it will have a shelf life. What you are espousing in your anti tech tirade is Luddism. If you ruled the world there would be no MRI scanner. |
NHS Cyber attack - zippy |
Operating systems cannot be supported ad-infinitum. There are just too many possibilities to cater for with different hardware, software and threats. In theory the cost of supporting the o/s could exceed the development costs and initials sales revenue if it stayed in service long enough. I was told by a manufacturer of medical equipment a year or so ago that the computers controlling their devices were not Windows PCs as they weren't up to it. I have not idea why they are not up to it? |
NHS Cyber attack - Rudedog |
Yesterday and today our external supplier who provides the services for the imaging departments (PACS & MRI) took all of the online viewing/ordering offline for 10 minutes at a time to apply patches. Looks like they might have been the only systems that had potential issues in our Trust. These systems (including hardware) aren't that old so there's no way they will be upgraded, so it will be just a series of patches. |
NHS Cyber attack - smokie |
I worked for many years on "desktop refresh" projects for a range of companies in public and private sector. Many projects also included new desktop hardware and a fresh operating system build (and often version). If it were just this it would be a very expensive and time consuming process, to be carried out about every 3 years or less, often coinciding with the lease period of the PC hardware. But rarely is it as simple as that. In most business there are specialist applications which need to be extensively tested and quite probably rewritten. I'm thinking of (for instance) a long-in-the-tooth but totally reliable and business critical front office banking system which was written using EGA video standards which were no longer supported in the newer Windows and which therefore required a really extensive (and expensive) re-write and all the associated testing - and to compound it all of the really experienced people who had the proper required "internals knowledge" had themselves moved on. The same bank had other mega reliable apps running serious business processes running under XP and chose (well, were forced really) to pay M$ to extend cover for many thousand machines while they tried to get the apps sorted out. Or in a previous role they had a number of apps which were attached to scientific devices which required a driver. Again many of these had been in daily use for years and been totally reliable, and the scientific equipment itself was really expensive and not Windows 7 (as it was then) compatible. Always the front end upgrades require extensive user testing even if versions of applications are not changing. Often back end upgrades will also be required, which may be both hardware and software. And of course some companies always deliver training to users when there is a change to their desktops. I have often been finishing off one round of desktop refreshes when the next is just about to start. It is a major task. Even just applying a security patch is taken quite seriously in many businesses - the patch needs to be tested to ensure it doesn't change the way stuff works. So M$ may issue their patch really quickly but many companies would not allow it to be applied automatically to their machines with testing. |
NHS Cyber attack - Mapmaker |
>>When Software is sold, it is sold with T&Cs saying it will have a shelf life. It's not software though. It's the existence of a monopoly. Generally monopolies are held to be a Bad Thing as they allow one operator two much power. Imagine there were four Operating Systems. One which was guaranteed for 20 years, and one with a 5 year guarantee. You and I would use the latter for our home computers. Infrastructure would use the former. In the absence of this competition the sole supplier can force everybody to upgrade every five years with the concomitant disruption arising from inevitable incompatibility. And they don't care about the disruption as they get their fee for their new licence. [Edited to add, just like Smokie says.] Last edited by: Mapmaker on Wed 17 May 17 at 10:08
|