Results 1 to 22 of 22
  1. #1
    Molecular Mixup
    blue's Avatar
    Join Date
    Aug 2010
    Last Online
    09-06-2019 @ 01:29 AM
    Location
    54°N
    Posts
    11,353

    UK: NHS cyber-attack: GPs and hospitals hit by ransomware

    fucking government
    spends billions on useless computer systems and now this



    NHS cyber-attack: GPs and hospitals hit by ransomware - BBC News


    A major incident has been declared after NHS services across England and Scotland were hit by a large-scale cyber-attack.
    Staff cannot access patient data, which has been scrambled by ransomware. There is no evidence patient data has been compromised, NHS Digital has said.
    The BBC understands up to 25 NHS organisations and some GP practices have been affected.
    It comes amid reports of cyber-attacks affecting organisations worldwide.
    A Downing Street Spokesman said Prime Minister Theresa May was being kept informed of the situation, while Health Secretary Jeremy Hunt is being briefed by the National Cyber Security Centre.
    Follow developments live
    Patient safety

    Ambulances have been diverted and patients warned to avoid some A&E departments as a result of the attack.
    NHS Digital said the ransomware attack was not "specifically targeted at the NHS" and was affecting other organisations.
    A massive ransomware campaign appears to have attacked a number of organisations around the world.
    Screenshots of a well known program that locks computers and demands a payment in Bitcoin have been shared online by those claiming to be affected.
    NHS Digital said the attack was believed to be carried out by the malware variant Wanna Decryptor.
    "NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and ensure patient safety is protected.
    "Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available."


    'Entire patient record'

    Dr Chris Mimnagh, who works at a medical centre in Liverpool that has been affected, said the attack had made their job impossible.
    "Our entire patient record is accessed through the computer, blood results, history, medicines.
    "Most of our prescribing is done electronically - we don't use the prescriptions unless the patient particularly chooses to want a piece of green paper.
    "The rest of the time it's sent direct to the pharmacy and of course, all that is not able to be accessed when we lose the clinical system."
    Dr Emma Fardon, a GP in Dundee, said she returned from house visits to find a message on the surgery's computers asking for the money.
    "We can't access any patient records. Everything is fully computerised.
    "We have no idea what drugs people are on or the allergies they have. We can't access the appointments system."
    Non-urgent activity postponed

    The East and North Hertfordshire NHS Trust says it is experiencing problems with computers and phone systems.
    It has postponed all non-urgent activity and is asking people not to come to A&E at the Lister Hospital in Stevenage.
    IT specialists are working to resolve the problem as quickly as possible, a statement from the trust says.
    Some GP and dental practices have been affected in the NHS Dumfries and Galloway and NHS Forth Valley areas.
    Both health boards said steps were being taken to minimise the risk of the problem spreading.
    Also affected is Derbyshire Community Health Services NHS Trust, which says it has shut down all of its IT systems following a "secure system attack".
    A GP from a surgery in York said: "We received a call from York CCG [Clinical Commissioning Group] around an hour ago telling us to switch off all of our computers immediately.
    "We have since remained open, and are dealing with things that can be dealt with in the meanwhile."
    Meanwhile, Blackpool Hospitals NHS Trust has asked people not to attend A&E unless it was an emergency because of computer issues.
    But the NHS in Wales said it had a separate IT system and had not been affected by the cyber-attack.

  2. #2
    Member
    harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    Today @ 03:25 AM
    Posts
    59,861


    Now you c u n t s, THIS is why you apply Windows Updates!


    Added: I'll post links in the Security News Thread.
    Last edited by harrybarracuda; 13-05-2017 at 01:38 AM.

  3. #3
    Molecular Mixup
    blue's Avatar
    Join Date
    Aug 2010
    Last Online
    09-06-2019 @ 01:29 AM
    Location
    54°N
    Posts
    11,353


    Quote Originally Posted by harrybarracuda
    THIS is why you apply Windows Updates!
    unfortunately we are talking the corrupt British government , and Windows XP
    ...so no updates

    In December last year it was revealed about 90 per cent of NHS Trusts were still running Windows XP, two and a half years after Microsoft stopped supporting the system.
    Citrix, an American software company, sent a Freedom of Information request to 63 NHS Trusts, 42 of which responded. It revealed that 24 Trusts were unsure when they would even upgrade, The Inquirer reported.
    Windows XP was released more than 15 years ago and is now particularly vulnerable to viruses. Microsoft stopped providing virus warnings for the ageing Windows XP in 2015.
    The list of hospitals that continue to run the outdated software include East Sussex, which has an estimated 413 Windows XP machines, Sheffield's Children's hospital with 1,290 PCs, and Guy's and St Thomas' NHS Trust with 10,800 Windows XP-powered PCs.

  4. #4
    Member
    harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    Today @ 03:25 AM
    Posts
    59,861
    I know it's pitiful really.

    But I bet even the Windows 7 and 8 machines weren't patched either.

  5. #5
    R.I.P.

    Join Date
    Jul 2015
    Last Online
    02-09-2018 @ 07:55 PM
    Posts
    2,643
    'Accidental hero' finds kill switch to stop spread of ransomware cyber-attack

    'Accidental hero' finds kill switch to stop spread of ransomware cyber-attack

    Interesting snip from that article :

    The malware was made available online on 14 April through a dump by a group called Shadow Brokers, which claimed last year to have stolen a cache of “cyber weapons” from the National Security Agency (NSA).
    If that claim is correct then this ransomware was developed to keep you-all safe and secure and allowed to get into the hands of the baddies through poor security.

    Wonder what other "Cyber weapons" are out there.

  6. #6
    Thailand Expat Pragmatic's Avatar
    Join Date
    Mar 2013
    Last Online
    @
    Location
    Last but who gives a shit.
    Posts
    11,559
    Quote Originally Posted by blue
    UK: NHS cyber-attack: GPs and hospitals hit by ransomware
    As of the news 30 mins ago 100 countries now affected.

  7. #7
    R.I.P.

    Join Date
    Jul 2015
    Last Online
    02-09-2018 @ 07:55 PM
    Posts
    2,643
    Didnt take long for Russia to be blamed.

    Russian-linked cyber gang Shadow Brokers blamed for NHS computer hack


    A cyber gang with possible links to Russia is being blamed for the extraordinary worldwide computer security breach - possibly in retaliation for US airstrikes on Syria.


    The mysterious organisation - called Shadow Brokers - claimed in April it had stolen a ‘cyber weapon’ from an American spying agency that gives unprecedented access to all computers using Microsoft Windows, the world’s most popular computer operating system.


    The hacking tool had been developed by the National Security Agency (NSA), America’s powerful military intelligence unit. The NSA had developed its ‘Eternal Blue’ hacking weapon to gain access to computers used by terrorists and enemy states.


    But in an astonishing twist, the NSA’s tool was stolen by Shadow Brokers.
    Note the "possibles".

  8. #8
    R.I.P.

    Join Date
    Jul 2015
    Last Online
    02-09-2018 @ 07:55 PM
    Posts
    2,643
    Blaming Russia ignores the fact that Russia appears to be the country hardest hit.

    Ransomware strike gives glimpse of 'cyber-apocalypse'

    Russia appeared to be the hardest hit nation, with its interior and emergencies ministries and biggest bank, Sberbank, saying they were targeted.

  9. #9
    Thailand Expat
    wasabi's Avatar
    Join Date
    Dec 2012
    Last Online
    20-06-2019 @ 09:35 PM
    Location
    England
    Posts
    10,947
    Thank god the NHS is in safe Tory hands, protectors of our health services held so dear by the working classes.

  10. #10
    Thailand Expat
    Dragonfly's Avatar
    Join Date
    Oct 2015
    Last Online
    Today @ 01:43 AM
    Posts
    11,739
    Quote Originally Posted by harrybarracuda
    Now you c u n t s, THIS is why you apply Windows Updates!
    hardly, new updates, new bugs, new exploits

    I bet it won't work on WinXP SP1

  11. #11
    Thailand Expat
    Dragonfly's Avatar
    Join Date
    Oct 2015
    Last Online
    Today @ 01:43 AM
    Posts
    11,739
    Quote Originally Posted by wasabi View Post
    Thank god the NHS is in safe Tory hands, protectors of our health services held so dear by the working classes.
    don't blame them, all big organization, even for profit and private, will have dysfunctional IT department, because that's how they are structured,

    ask Harry, he knows all about it, he works in a big corporate tech support call center

  12. #12
    Molecular Mixup
    blue's Avatar
    Join Date
    Aug 2010
    Last Online
    09-06-2019 @ 01:29 AM
    Location
    54°N
    Posts
    11,353
    Funny how the governments don't seem to be saying they never pay blackmailers.
    If you have everything backed up, can you just wipe of the encrypted stuff and reload it. ? or is it freezing access?


    'Accidental hero' finds kill switch to stop spread of ransomware cyber-attack


    An “accidental hero” has halted the global spread of the WannaCry ransomware, reportedly by spending a few dollars on registering a domain name hidden in the malware.


    However, a UK cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and activated a “kill switch” in the malicious software.

    https://www.theguardian.com/technolo...e-cyber-attack

    The switch was hardcoded into the malware in case the creator wanted to stop it spreading. This involved a very long nonsensical domain name that the malware makes a request to – just as if it was looking up any website – and if the request comes back and shows that the domain is live, the kill switch takes effect and the malware stops spreading.

    “I saw it wasn’t registered and thought, ‘I think I’ll have that’,” he is reported as saying. The purchase cost him $10.69. Immediately, the domain name was registering thousands of connections every second.

    “They get the accidental hero award of the day,” said Proofpoint’s Ryan Kalember. “They didn’t realize how much it probably slowed down the spread of this ransomware.”

    The time that @malwaretechblog registered the domain was too late to help Europe and Asia, where many organizations were affected. But it gave people in the US more time to develop immunity to the attack by patching their systems before they were infected, said Kalember.

    The kill switch won’t help anyone whose computer is already infected with the ransomware, and and it’s possible that there are other variants of the malware with different kill switches that will continue to spread.

    The malware was made available online on 14 April through a dump by a group called Shadow Brokers, which claimed last year to have stolen a cache of “cyber weapons” from the National Security Agency (NSA).

    Ransomware is a type of malware that encrypts a user’s data, then demands payment in exchange for unlocking the data. This attack was caused by a bug called “WanaCrypt0r 2.0” or WannaCry, that exploits a vulnerability in Windows. Microsoft released a patch (a software update that fixes the problem) for the flaw in March, but computers that have not installed the security update remain vulnerable.

    MalwareTech
    (@MalwareTechBlog)
    I will confess that I was unaware registering the domain would stop the malware until after i registered it, so initially it was accidental.



    Security researchers with Kaspersky Lab have recorded more than 45,000 attacks in 74 countries, including the UK, Russia, Ukraine, India, China, Italy, and Egypt. In Spain, major companies including telecommunications firm Telefónica were infected.

    By Friday evening, the ransomware had spread to the United States and South America, though Europe and Russia remained the hardest hit, according to security researchers Malware Hunter Team. The Russian interior ministry says about 1,000 computers have been affected.

    MalwareTech
    (@MalwareTechBlog)
    I will confess that I was unaware registering the domain would stop the malware until after i registered it, so initially it was accidental.''
    so why did he register it ?
    maybe an illiterate clown or its all bull..
    Last edited by blue; 13-05-2017 at 06:13 PM.

  13. #13
    Member
    harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    Today @ 03:25 AM
    Posts
    59,861
    Yes it should be possible to simply reimage Windows but it will take a long time to do tens of thousands of computers.

    And if their servers were hit as well, that's a whole shit show.

    Apparently they are asking patients to bring in *any* paperwork related to their cases.

  14. #14
    Thailand Expat
    Dragonfly's Avatar
    Join Date
    Oct 2015
    Last Online
    Today @ 01:43 AM
    Posts
    11,739
    corporations have no clue when it comes to managing their IT resources,

    see how they get fucked and it's the end of the world for them when they hit a minor 0d trojan,

  15. #15
    Member
    Join Date
    Jul 2009
    Last Online
    14-03-2018 @ 01:53 AM
    Posts
    153
    Quote Originally Posted by harrybarracuda View Post
    Yes it should be possible to simply reimage Windows but it will take a long time to do tens of thousands of computers.

    And if their servers were hit as well, that's a whole shit show.

    Apparently they are asking patients to bring in *any* paperwork related to their cases.
    If the IT staff were managing the backups of the servers properly it shouldn't be very difficult to restore backups of the databases onto other servers and get it going again, they'd only lose a day's data which can be re-entered at a later date.

    The longer job, as already stated on this thread, is reinstalling the workstations with the necessary software and applying the security update to protect against any future attacks.

    When I worked as IT support with financial institutions we always made a backup of the databases at the end of every day, in some cases incremental backups were made of the databases throughout the day. Some banks even have backup locations that were copies of their dealing room, all setup with computers and servers with a skeleton staff there to power them up everyday so that they could be used in the event of an emergency.

    Remember though, these are banks I'm talking about and the finances take top priority for many so they get the funding to do this.

    When it comes to health and well-being, the NHS, especially under a Tory government, is given a low priority.

  16. #16
    Member
    harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    Today @ 03:25 AM
    Posts
    59,861
    Quote Originally Posted by pattayardm View Post
    Quote Originally Posted by harrybarracuda View Post
    Yes it should be possible to simply reimage Windows but it will take a long time to do tens of thousands of computers.

    And if their servers were hit as well, that's a whole shit show.

    Apparently they are asking patients to bring in *any* paperwork related to their cases.
    If the IT staff were managing the backups of the servers properly it shouldn't be very difficult to restore backups of the databases onto other servers and get it going again, they'd only lose a day's data which can be re-entered at a later date.

    The longer job, as already stated on this thread, is reinstalling the workstations with the necessary software and applying the security update to protect against any future attacks.
    If they have to reimage workstations they can just build the updates into the image, that's a doddle.

  17. #17
    Member
    harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    Today @ 03:25 AM
    Posts
    59,861
    Quote Originally Posted by Dragonfly View Post
    corporations have no clue when it comes to managing their IT resources,

    see how they get fucked and it's the end of the world for them when they hit a minor 0d trojan,
    It's not a trojan you stupid fat queer troll.

  18. #18
    Thailand Expat

    Join Date
    Dec 2016
    Last Online
    13-01-2019 @ 05:13 PM
    Posts
    1,698
    Trust me this is not too far from the truth in IT support offices


  19. #19
    Member
    harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    Today @ 03:25 AM
    Posts
    59,861
    Quote Originally Posted by blue View Post
    MalwareTech
    (@MalwareTechBlog)
    I will confess that I was unaware registering the domain would stop the malware until after i registered it, so initially it was accidental.''
    so why did he register it ?
    maybe an illiterate clown or its all bull..
    He said he registered it so he could analyze what traffic the malware was sending and receiving from it, which makes sense.

  20. #20
    Balls to Monty
    Looper's Avatar
    Join Date
    Jun 2007
    Last Online
    Yesterday @ 11:31 PM
    Posts
    12,003
    Ransomware cyberattack: Reused code links WannaCry to North Korea, but it's not definitive proof

    Cyber security researchers have found technical evidence that could link the massive WannaCry ransomware attack to hackers in North Korea, but so far they say the evidence is only weak.

    Technical experts at Google, Symantec and Kaspersky Lab have found that some code in an earlier version of the WannaCry software had also appeared in programs used by the Lazarus Group, which has been identified as a North Korea-run hacking operation.

    Neel Mehta, a security researcher at Google, first highlighted the link in an obscure tweet which pointed to sections of identical code in both the WannaCry malware and a 2015 sample of code from Lazarus.

    But Symantec and Kaspersky say hackers do reuse code from other operations, so the identical lines fall short of proof.

    Eric Chien at Symantec said it was too early to tell whether North Korea was involved in the attacks.

    "Whenever a high profile attack or breach breaks out, we basically dig into it and look to see if we can find indicators that match known groups that we're tracking," he said.

    "Right now we've uncovered a couple of what we would call weak indicators or weak links between WannaCry and this group that's been previously known as Lazarus.

    "Lazarus was behind the attacks on Sony and the Bangladesh banks for example. But these indicators are not enough to definitively say it's Lazarus at all."
    WannaCry appears in odd places

    You don't need to be sitting in front of a computer to come face-to-face with the WannaCry worm — you might simply be paying for parking or walking into your apartment building.

    He said Lazarus had been on the radar since the Sony attack happened.

    "They basically broke into Sony networks and overwrote all of their files bringing down their whole computing infrastructure," Mr Chien said.

    "They also did a massive, what we call 'wiping attack' on the South Korean broadcasters and also South Korean banks.

    "And most recently, they had been pinned against attacks in Bangladesh on the bank of Bangladesh where they tried to transfer $1 billion. They made some typos and successfully transferred out $81 million.

    "Sony attacks were attributed to North Korea by the US government and the South Korean government attributed their wiping attacks to the North Koreans as well."

    The attack on Friday infected more than 300,000 computers in 150 countries. Hospitals in the UK and Asia were among the worst affected.

    But telecommunications and transport companies in Europe, as well as the car manufacturers Renault and Nissan, and even a cinema in South Korea, were also victims.
    Attacks targeted out-of-date software

    The attacks are among the fastest-spreading extortion campaigns on record, although their spread has begun to slow.
    How did the attack occur?

    Attack appeared to be caused by a self-replicating piece of software that takes advantage of vulnerabilities in older versions of Microsoft Windows, security experts say
    It spreads from computer to computer as it finds exposed targets.
    Ransom demands start at $US300 and increase after two hours, a security researcher at Kaspersky Lab says
    Security holes were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has repeatedly published what it says are hacking tools used by the NSA
    Shortly after that disclosure, Microsoft announced it had already issued software "patches" for those holes
    But many companies and individuals have not installed the fixes yet or are using older versions of Windows that the company no longer supports and for which no patch was available

    Technical experts say those organisations with out-of-date software appear to have been most vulnerable, explaining perhaps why so many developing countries have been badly hit.

    "We've seen it all over the world, the top countries affected are places like China for example, Brazil, the US, Russia, these places that have been affected primarily has to do with where there's big computing infrastructure," Mr Chien said.

    "We see in places, for example in China, a lot of people are using older operating systems that may not have patches available and so they may be more harder hit."

    Australian technologist Steve Sammartino said the WannaCry ransomware appears to have targeted XP Windows software that is no longer supported by Microsoft.

    "XP Windows software that was at the centre of the WannaCry attack is a 10-year-old piece of software. It hasn't been supported by Microsoft in more than three years," he told the ABC.

    "What that means is if there are vulnerabilities and they get out there in the market, there's a higher chance that the organisations using it don't have the resources to keep their software up-to-date. If there is an attack they haven't got time to patch them and upgrade.
    Meet the man who stopped WannaCry

    Marcus Hutchins is credited with stopping the WannaCry cyberattack — but he says he's "definitely not a hero".

    Mr Sammartino says often it is government or government-run organisations — such as hospitals in the UK — that are most vulnerable.

    "One of the things we tend to see is that government organisations tend to have software a little bit behind what's the latest in the market," he said.

    "And ironically it's the government institutions that don't have the resources because they don't see software as a primary part of their business. If you're running a hospital you don't see software as one of the major parts of your business, but increasingly it is.

    "So it tends to be down on the agenda in terms of where we're going to invest our limited funds to keep things up to date. So having older software out there and a lot of government institutions using it actually increases the risk in our critical infrastructure."
    'Biggest cyber shakedown in history'

    Ransomware is not new, but the difference with the WannaCry malware is the scale of the attack.

    "This is really the biggest cyber shakedown in history," said Roger Cheng, executive editor at CNET News.

    Mr Cheng said Microsoft has now taken the unusual step of releasing a patch for Windows XP, even though they no longer support the software.

    Not all stakeholders believe North Korea is behind the WannaCry attack.

    Some have speculated Russian hackers are to blame.
    Hacked? Here's what to do next

    Most Australians were not caught up in the WannaCry ransomware attack. But there's no guarantee you'll avoid the next one. Here's what to do if you've been hacked (and how to avoid getting hit next time).

    But Russia's President Vladimir Putin blames US intelligence agencies for leaking their hacking tools onto the internet.

    "Microsoft leadership has put it straight," he said.

    "They said that the primary source of the virus happens to be the intelligence services of the United States. Russia here is absolutely uninvolved.

    "We think — we understand — that releasing these genies from the bottles in such a way, especially those created by the intelligence services, may in turn bring harm to their authors and creators.

    "This is why this subject must be discussed without delay on a serious, political level to work out a system of protection against such phenomena."

    US authorities say both foreign nations and cyber criminals are possible culprits.

    Tom Bossert, Homeland Security Adviser to President Donald Trump, says US authorities at the highest levels of government are monitoring the situation around the clock.

    "We're bringing all of the capabilities of the US government to bear on this issue and are working side-by-side with our partners in the private sector and our international partners," he said.

    Ransomware cyberattack: Reused code links WannaCry to North Korea, but it's not definitive proof - ABC News (Australian Broadcasting Corporation)

    Nasty Rogue state!

  21. #21
    Member
    harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    Today @ 03:25 AM
    Posts
    59,861
    Experts probing why so many GPs managed to avoid the ransomware have concluded that it's because it could not get past the receptionists.

  22. #22
    Thailand Expat misskit's Avatar
    Join Date
    Dec 2009
    Last Online
    @
    Location
    Chiang Mai
    Posts
    29,342
    NHS cyber-attack was 'launched from North Korea'

    British security officials believe that hackers in North Korea were behind the cyber-attack that crippled parts of the NHS and other organisations around the world last month, the BBC has learned.

    Britain's National Cyber Security Centre (NCSC) led the international investigation.
    Security sources have told the BBC that the NCSC believes that a hacking group known as Lazarus launched the attack.

    The US Computer Emergency Response Team has also warned about Lazarus.
    The same group is believed to have targeted Sony Pictures in 2014.

    The Sony hack came as the company planned to release the movie The Interview, a satire about the North Korean leadership starring Seth Rogen. The movie was eventually given a limited release after an initial delay.

    The same group is also thought to have been behind the theft of money from banks.


    NHS hit

    In May, ransomware called WannaCry swept across the world, locking computers and demanding payment for them to be unlocked. The NHS in the UK was particularly badly hit.

    Officials in Britain's National Cyber Security Centre (NCSC) began their own investigation and concluded their assessment in recent weeks.

    The ransomware did not target Britain or the NHS specifically, and may well have been a money-making scheme that got out of control, particularly since the hackers do not appear to have retrieved any of the ransom money as yet.

    Although the group is based in North Korea the exact role of the leadership in Pyongyang in ordering the attack is less clear.


    Detective work

    Private sector cyber-security researchers around the world began picking apart the code to try to understand who was behind the attack soon after.

    Adrian Nish, who leads the cyber threat intelligence team at BAE Systems, saw overlaps with previous code developed by the Lazarus group.

    "It seems to tie back to the same code-base and the same authors," Nish says. "The code-overlaps are significant."

    Private sector cyber security researchers reverse engineered the code but the British assessment by the NCSC - part of the intelligence agency GCHQ - is likely to have been made based on a wider set of sources.

    America's NSA has also more recently made the link to North Korea but its assessment is not thought to have been based on as deep as an investigation as the UK, partly because the US was not hit as hard by the incident.

    Officials say they have not seen any significant evidence supporting other possible culprits.


    Central bank hack


    North Korean hackers have been linked to money-making attacks in the past - such as the theft of $81m from the central bank of Bangladesh in 2016.

    This sophisticated attack involved making transfers through the Swift payment system which, in some cases, were then laundered through casinos in the Philippines.

    "It was one of the biggest bank heists of all time in physical space or in cyberspace," says Nish, who says further activity has been seen in banks in Poland and Mexico.
    The Lazarus group has also been linked to the use of ransomware - including against a South Korean supermarket chain.

    Other analysts say they saw signs of North Korea investigating the bitcoin method of payment in recent months.


    Scattergun


    The May 2017 attack was indiscriminate rather than targeted. Its spread was global and may have only been slowed thanks to the work of a British researcher who was able to find a "kill switch" to slow it down.

    The attacks caused huge disruption in the short term but they may have also been a strategic failure for the group behind it.

    Researchers at Elliptic, a UK-based company which tracks bitcoin payments, say they have seen no withdrawals out of the wallets into which money was paid, although people are still paying in to them.

    Those behind the attack may not have expected it to have spread as fast as it did.
    Once they realised that their behaviour was drawing global attention, the risks of moving the money may have been seen as too high given the relatively small amount involved, leaving them with little to show for their work.

    The revelation of the link to North Korea will raise difficult questions about what can be done to respond or deter such behaviour in the future.

    NHS cyber-attack was 'launched from North Korea' - BBC News

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •