Latest in Gear

Image credit: EFE

NHS Trusts ignored patch that would’ve averted malware disaster

NHS Digital says it alerted everyone to the update last month.
349 Shares
Share
Tweet
Share
Save
EFE

The ransomware attack that crippled crucial NHS systems across the UK and continues to cause disruption could have easily been contained, according to NHS Digital. The body, which oversees data and IT infrastructure across the NHS, said hospitals and other arms of the service had ample time to upgrade their systems. The 'WannaCry' malware variant used a Windows exploit Microsoft patched in mid-March this year. At the end of April, NHS Digital notified staff and "more than 10,000 security and IT professionals," pointing them to a patch that would "protect their systems." It seems this advisory fell on some deaf ears, which explains why only certain NHS Trusts were affected.

Over the weekend, NHS Digital also addressed speculation that aging infrastructure was to blame: "While the vast majority [of NHS organisations] are running contemporary systems, we can confirm that the number of devices within the NHS that reportedly use XP has fallen to 4.7 per cent, with this figure continuing to decrease." Windows XP was put out to pasture in spring 2014, though the UK government did pay for an extra year of support back then. In reaction to the spread of 'WannaCrypt,' Microsoft took the "highly unusual step" of issuing a patch for out-of-support systems last Friday.

Reading between the lines, NHS Digital is basically blaming the update apathy of individual Trusts as the reason for the ransomware's spread. It's not the only one pointing fingers, though. In the aftermath of the attack, which hit organisations and companies across the world, Microsoft fired shots at the NSA, CIA and other intelligence agencies for keeping mum about vulnerabilities they discover. 'WannaCrypt' takes advantage of an exploit known as EternalBlue, for instance, which only really became common knowledge last month (though Microsoft had patched supported products before then). A mysterious group known as the "Shadow Brokers" published details of EternalBlue and other exploits online, claiming they were poached from the NSA's cyber war chest.

From around the web

ear iconeye icontext filevr