Just in:
Universal Language for Healthcare: General Authority Embraces Global Coding System // HSBC Streamlines Gold Investment for Hong Kong Residents with Tokenized Product // Party Nominees Refusing To Contest: Major Perception Threat For BJP // Court Sides with Coinbase on Wallet Service, But Staking Program Remains in Limbo // Experience Ultimate Shopping Freedom at 4.4 Shopee Spree: Don’t Worry, Shop Shopee! // Sharpening the Focus: Sharjah Health Department Refines Evaluation Criteria for “Healthy Schools Programme” // Experts come together to support updating the city’s nature conservation masterplan // 2024 Lok Sabha Election Is A Historic Battle Against The Advent Of Fascism In India // US reiterates concern over Kejriwal arrest, Cong accounts // Meta Earth Official Website Launch: The Pioneer Explorer in the Modular Public Blockchain Domain // Emirates Post Speeds Up Deliveries for GCC with Special Day // Lisboeta Macau’s world first LINE FRIENDS PRESENTS CASA DE AMIGO and BROWN & FRIENDS CAFE & BISTRO has officially opened // Renewables Surge Sets Record, But Global Equity Lags // German Job Market Resilience Bodes Well for Economic Recovery // Arvind Kejriwal Was Used By BJP In 2011 Movement To Take On The Congress // The World’s First & Wettest Party: “S2O Hong Kong Songkran Music Festival” proudly returns Get an immersive water and music experience on 8-9 June during Dragon Boat Festival long weekend at Central Harbourfront Event Space! // Andertoons by Mark Anderson for Thu, 28 Mar 2024 // AIA Hong Kong Wins More Than 20 Accolades at MPF Ratings MPF Awards, BENCHMARK MPF of The Year Awards and Bloomberg Businessweek Top Fund Awards // In Lok Sabha Polls In Punjab, AAP Is Advantageously Placed As Against Its Three Rivals // Infineon and HD Korea Shipbuilding & Offshore Engineering jointly develop ship electrification technology //
HomeFT SelectHackers use NSA tools in UK health service cyber attack

Hackers use NSA tools in UK health service cyber attack

95c0df7e 3726 11e7 99bd 13beb0903fa3

Hackers responsible for the wave of cyber attacks that struck organisations across the globe on Friday from the UK’s National Health Service to European telecoms company Telefónica used tools stolen from the US National Security Agency, the Financial Times has learnt.

A tool known as “eternal blue”, developed by US spies was used by the hackers to make an existing form of ransomware known as WannaCry more virulent, three senior cyber security analysts said. Their analysis was confirmed by western security officials who are still scrambling to contain the attack.

ADVERTISEMENT

Their reading of events was confirmed by western security officials who are still scrambling to contain the spread of the attack.

Ransomware is a form of malware which locks victims out of their own computers by encrypting files on them and demands a ransom, typically payable in the untraceable digital currency bitcoin, in order to return access. Infection is almost always made by email.

The latest version of WannaCry spread laterally through the computer networks of infected organisations, however.

The NSA’s eternal blue exploit allows the malware to spread through file-sharing protocols set up across organisations, many of which span the globe.

Security officials in the UK, which has been among the countries worst hit, currently believe the attacks are the work of a criminal group, though they are still working to assess the full nature of the attack.

ADVERTISEMENT

The UK’s National Cyber Security Centre, an arm of GCHQ, has been put into a state of high alert. The speed and virulence of the infection has caught many by surprise.

NHS hospitals across the UK were hit by the attack with medical staff confronted with messages demanding payment to unlock access to data.

The UK was one of several countries, including Spain and Portugal, where computer systems in various sectors were infiltrated by the same ransomware.

NHS Digital, the arm of the UK health service co-ordinating a response, said “a number” of NHS organisations had been affected by a ransomware attack, “which is affecting a number of different organisations”.

It said that there was no evidence that patient data had been accessed but was continuing to assess the damage done by the hack.

Downing Street said that the prime minister was being kept updated and that Jeremy Hunt, the health secretary, was being briefed by the NCSC.

Dominic Grieve, chair of the intelligence and security committee, told the Financial Times that the government was not complacent about the threat from hackers. “The government has already allocated a colossal amount of resources to this . . . but you can’t have 100 per cent guarantee that you cannot be hacked into.”

In October, Ben Gummer, Cabinet Office minister, warned that “large quantities of sensitive data” held by the NHS and government were being targeted by hackers — with the potential to disrupt Britain’s energy, water and transport networks.

The same or a similar virus was used in a large-scale attack in Spain on Friday that hit companies including Telefónica, the country’s main telecoms provider. Telefónica said that it had suffered a “cyber security incident” affecting the personal computers of “some” employees.

It is not known if the attacks in Spain and on the NHS are connected. In Portugal, a spokesman for the police cyber crime unit told local media that “large-scale” ransomware attacks had hit a number of Portuguese firms, particularly communication operators.

There have been unverified reports of cyber attacks in several other countries, including Russia.

Barts Hospital, in central London, confirmed that it was among the hospitals to have been hit and said it had been forced to cancel routine appointments and divert ambulances to neighbouring hospitals as the “major IT disruption” took hold. It asked the public “to use other NHS services wherever possible” and said that the IT breakdown was causing delays at all the hospitals within the trust.

“We have activated our major incident plan to make sure we can maintain the safety and welfare of patients,” it added. Technicians were turning away patients seeking blood tests and the electronic sign that determines the queue was switched off. “It’s because of the computers,” one staffer told a confused woman.

One person said that managers at all levels were in meetings to assess the attacks.

Patrick Ward, a salesman from Dorset, was poised to have open-heart surgery at Bart’s on Friday when the computers went down. Mr Ward said he had been prepared for surgery when, just before 2pm, “the consultant came and said there’s been a cyber attack and they could no longer do the operation”.

His doctor only performs the surgery for Mr Ward’s condition, which is not life threatening, once a week, on Fridays. Mr Ward said he was told to expect a call on Monday with more information. “I’ve got to wait now.”

A doctor working in a hospital in east London affected by the attack said staff had “turned everything off and we are sitting back and going on seeing patients as we normally do”. Staff had reverted to paper records, he added.

East and North Hertfordshire NHS Trust posted a statement on its website to say it was “currently experiencing significant problems with our IT and telephone network which we’re trying to resolve as soon as possible”. Hospital trusts and GP groups in Lancashire were also reporting problems.

NHS Digital said it was “working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and to recommend appropriate mitigations”.

Vanessa Sandhu, a GP in Braintree, Essex, said: “We got a call from the CCG [Clinical Commissioning Groups] saying there had been a security breach. We all had to shut down our computers and unplug all cables from the walls.

“It was scary — we had no idea what was going on. We didn’t have access to our notes or patient medical records. We couldn’t request blood tests or ultrasounds. We had to disconnect the surgery telephones so we couldn’t communicate with other doctors or patients. We tried to see the patients in the building, but everyone else we told to go home.

“We’ve had to close the surgery for the day. Some hospitals have had to shut down so it’s going to be absolute carnage in A&E if you can’t do emergency tests or get blood results for those most in need.”

© PA

In February, a report into the NHS and cyber crime found that 34 per cent of trusts across England, Scotland and Wales had suffered ransomware attacks during the previous 18 months. Scottish trusts were the worst hit, with almost 60 per cent being attacked, while 79 English trusts, more than 33 per cent, had been affected since June 2015.

Attacks on at least seven of the trusts, including dozens of hospitals, had been successful, which means that data had been locked up by criminals.

In November, a ransomware attack on the Northern Lincolnshire and Goole Trust brought down the systems of three British hospitals, forcing doctors to use pen and paper rather than computers, and leading to the cancellation of hundreds of routine operations and outpatient appointments. The attack lasted five days.

Jonathan Ashworth, shadow health secretary, said the attack was “a real worry for patients” and called on the government to set out what had happened and what measures ministers were taking to reduce the threat.

additional reporting by Jim Pickard and Anjli Raval

Via FT

ADVERTISEMENT

ADVERTISEMENT
Just in:
Arvind Kejriwal Was Used By BJP In 2011 Movement To Take On The Congress // AIA Hong Kong Wins More Than 20 Accolades at MPF Ratings MPF Awards, BENCHMARK MPF of The Year Awards and Bloomberg Businessweek Top Fund Awards // Superland Announced Annual Results for 2023, 2023 Net Profit Increased approximately 39.5% to approximately HK$22.2 million as Compared to the 2022 Adjusted One // Ajman Celebrates Conclusion of Ramadan Activities with Grand Ceremony // Sharpening the Focus: Sharjah Health Department Refines Evaluation Criteria for “Healthy Schools Programme” // Sunshine’s Debut Features Leave Tech World Scratching Its Head // Experience Ultimate Shopping Freedom at 4.4 Shopee Spree: Don’t Worry, Shop Shopee! // Konica Minolta is named ASEAN 2023 Market Leader in Colour Light and Mid Digital Production Printers // No running of govt from jail, says Delhi Lt Governor // Experts come together to support updating the city’s nature conservation masterplan // AI Boost for Galaxy Devices: Samsung Expands One UI 6.1 Update // Andertoons by Mark Anderson for Thu, 28 Mar 2024 // Arvind Kejriwal Gets International Heft Against The Deshi Vishwaguru // HSBC Streamlines Gold Investment for Hong Kong Residents with Tokenized Product // Near Miss at Kolkata Airport: IndiGo Plane Makes Contact with Stationary Air India Express // Renewables Surge Sets Record, But Global Equity Lags // Universal Language for Healthcare: General Authority Embraces Global Coding System // Hullabaloo About Electoral Bonds May End Up As A Whimper Pre And Post Poll // Court Sides with Coinbase on Wallet Service, But Staking Program Remains in Limbo // Emirates Post Speeds Up Deliveries for GCC with Special Day //