-
England's greatest sailor since Nelson lost the armada. -
Nobody works on Security for the NHS as a whole, it's horribly fragmented into Hospital Trusts, National Services, Independent providers etc. The trusts are responsible for their own IT, including security, and while they get advice and guidance from the center of they ask for it it's down to them to manage. With budget cuts IT spending and maintenance go to the bottom of the heap and they don't all use the same local systems, although they do plug into national services.Originally posted by Uncle Albert View Post
Without more details it's hard to say but it looks like a limited number of hospitals have been compromised due to local vulnerabilities. If it was really a systemic issue there would be a lot more affected."Being nice costs nothing and sometimes gets you extra bacon" - Pondlife. -
It might turn out that the fragmented nature of the trusts has helped limit it to only a few hospitals. It's worrying though that one trust with poor security could expose the national services that they access.England's greatest sailor since Nelson lost the armada.Comment
-
I was on Spine, I'd be very surprised if anyone got into that.Comment
-
It's not as much of a risk as it might be. Access to national services requires authentication through a NHS Smart Card or other secure mechanisms. A compromised endpoint isn't automatically gong to lead to compromise of other remote services as it's not a generic network connection, but relies on the local application authentication to handle the connection.Originally posted by Uncle Albert View Post
There really isn't enough detail in the article but it sounds like a number of workstations used to access patient records and other systems have been infected with ransomeware. It's not even necessarily a targeted attack against the NHS, it could very well be coincidence as the bad guys tend to go for a scatter gun approach and simply scan swaths of IP addresses for open connections they can try and exploit.
If the local networks were poorly protected then that could lead to the infection. It only takes one device to be compromised and others on the local networks can also be attacked."Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.Comment
-
Originally posted by stek View Post
I'm assuming you don't mean that in a good way....
Much securities with plenty cheapness.....When freedom comes along, don't PISH in the water supply.....Comment
-
It'll be that Syst:m tulipe or whatever it's called who turned me down for a contract role that's not at all anything related to any alleged attack of mine. Did I say mine? I meant someone else...Originally posted by DaveB View PostComment
-
So if they've managed to do that, what's to say they're not downloading all of the patient health records. A breach of that would be the largest ever.What happens in General, stays in General.You know what they say about assumptions!Comment
-
Going off how long it took me to get access.....!!Originally posted by TestMangler View Post I'm assuming you don't mean that in a good way....
Much securities with plenty cheapness.....Comment
-
Agreed. Same for any of the other national services. They are locked down tight and well controlled.Originally posted by stek View Post"Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.Comment
Comment