Roundup: NHS Cyberattack Is Now Global In Scope… Here’s What You Need To Know

What started out about a story about the NHS getting pwned by ransomware has now evolved into the biggest cyberattack in history. The New York Times has a map that illustrates how wide spread the attack is. The Financial Times has an excellent story on the attack itself which utilizes a piece of NSA developed malware to leverage poorly secured or antiquated systems running the Windows OS. In terms of the latter, the NHS in the UK was apparently running Windows XP systems which haven’t had security patches from Microsoft in years. Thus making them great targets for this sort of thing. You can bet that heads will roll over that. Organizations such as Fed Ex, Telefonica, Renault, The Russian Interior Ministry among others have hit by this cyberattack.

All is not lost though. Microsoft has added detection and prevention routines to their antivirus products. Other antivirus vendors are doing the same. And by sheer luck, A British cybersecurity researcher accidentally stopped the attack from spreading more widely.

The only good news is that this may be the event that finally forces companies and governments to take cybersecurity seriously. Not to mention the average consumer. After this calms down, I suspect that a serious rethink about how one protects themselves in the age of the cyberattack.

UPDATE: Microsoft has advice for customers here. This page also includes emergency patches for operating systems as far back as Windows XP.

UPDATE #2: If you are a network admin who wants to protect their network from potentially getting pwned by this, here’s what you need to know. Disabling SMBv1 disables the bug that the NSA sourced ransomware uses. Guidance on how to do that can be found here. This applies to devices like network attached storage boxes that may use SMBv1 as well. You should also firewall off SMB ports 139 and 445 from the outside world and restrict access to the service where possible on internal networks.

UPDATE #3: Another way to protect yourself is to ensure that your computer(s) are fully patched. Thus this is a really good time to run software update to make sure that you are covered. This applies to companies, governments, and individuals.

UPDATE #4: A reader just asked me if this ransomware affects Macs. It does not.

UPDATE #5: Motherboard is reporting that there is a new version of this ransomware. The difference is that this one cannot be stopped accidentally or otherwise. Thus we may about to see round two this cyberattack.

Advertisements

2 Responses to “Roundup: NHS Cyberattack Is Now Global In Scope… Here’s What You Need To Know”

  1. […] title of this story sounds a bit harsh, but I think that this cyberattack where tens of thousands of computers in something like 170 countries are being held… is a wake up call for a number of […]

  2. […] is best known as the UK national who upon analyzing a sample of the “WannaCry” malware that hit the planet earlier this year, stumbled upon a kill switch that was tied to a domain name. Upon learning that, he registered said […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: