Tag Archives: uk

NHS cyber-attack: hospital computer systems held to ransom across England

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Hospitals across England have been hit by a large-scale cyber-attack, the NHS has confirmed, which has locked staff out of their computers and forced many trusts to divert emergency patients.

The IT systems of NHS sites across the country appear to have been simultaneously hit, with a pop-up message demanding a ransom in exchange for access to the PCs. NHS England has declared a major incident. NHS Digital said it was aware of the problem and would release more details soon.

Details of patient records and appointment schedules, as well as internal phone lines and emails, have all been rendered inaccessible.

NHS Digital said: “A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack which is affecting a number of different organisations.

“The investigation is at an early stage but we believe the malware variant is Wanna Decryptor. At this stage we do not have any evidence that patient data has been accessed. We will continue to work with affected organisations to confirm this.

“NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organisations and to recommend appropriate mitigations.

“This attack was not specifically targeted at the NHS and is affecting organisations from across a range of sectors.

“Our focus is on supporting organisations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available.”

According to reports, affected hospitals include those run by East and North Hertfordshire NHS trust, Barts Health in London, Essex Partnership university NHS trusts, the university hospitals of Morecambe Bay NHS foundation trust, Southport and Ormskirk hospital NHS trust and Blackpool teaching hospital NHS foundation trust.

More reports of affected hospitals are continuing to stream in, as well as claims that GP surgeries are coming down with the virus, which demands a payment of $300 to release files it claims have been encrypted. The NHS has been unable to give a full list of the sites affected.

British law enforcement believes the attack is criminal in nature, as opposed to be a cyber attack by a foreign power, and is being treated as serious but without national security implications.

The National Crime Agency, which is Britain’s version of the FBI, was taking the lead in dealing with the investigation into the attack. Investigators believe the attack is significant with many computers affected across the country.

A spokesman for the National Cyber Security Centre said: “We are aware of a cyber incident and are working with NHS digital and the NCA to investigate.”

In a message to a Guardian reporter, one NHS IT worker said: “At approximately 12.30pm we experienced a problem with our email servers crashing. Following this a lot of our clinical systems and patient systems were reported to have gone down.

“A bitcoin virus pop-up message had been introduced on to the network asking users to pay $300 to be able to access their PCs. You cannot get past this screen. This followed with an internal major incident being declared and advised all trust staff to shut down all PCs in the trust and await further instructions.

“This is affecting the east of England and number of other trusts. This is the largest outage of this nature I’ve seen in the six years I’ve been employed with the NHS.”

Another NHS worker, who works at an Essex hospital but asked to remain anonymous, said: “We got some ransomware that came through on the computers at about 2pm. We were told to shut down, take out network cables and unplug the phones. A message came up for just one of our team about the fact that all the files would be wiped in two hours unless we gave $300 in bitcoins.”

She confirmed that the image that appeared on her colleague’s screen was the same as one that has already been circulated on Twitter, which says: “Ooops, your files have been encrypted!

“Many of your documents, photos, videos, databases and other files are no longer accessible because they have been encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover your files without our decryption service.”

The screen tells users to send $300 worth of bitcoin to a bitcoin wallet address. It adds: “You only have three days to submit the payment. After that the price will be doubled. Also if you don’t pay in seven days, you won’t be able to recover your files forever.”

A Barts spokesman said it was experiencing “major IT disruption” and delays at all four of its hospitals, The Royal London, St Bartholomew’s, Whipps Cross and Newham. He said: “We have activated our major incident plan to make sure we can maintain the safety and welfare of patients.

“We are very sorry that we have to cancel routine appointments, and would ask members of the public to use other NHS services wherever possible. Ambulances are being diverted to neighbouring hospitals.”

GP surgeries across Liverpool and parts of Greater Manchester also appeared to have been affected by the cyber-attack.

The NHS Liverpool clinical commissioning group said: “Please be aware the NHS is experiencing serious IT problems today. Please only contact your GP surgery or hospital in a genuine emergency.”

One Liverpool GP, John Caldwell, said he had “no access to record systems or results” and described the disruption as “very limiting”. Dr Chris Mimnagh, a GP in Liverpool, told the Guardian that his surgery had “severed links” to the wider NHS network as a precaution.

He said: “Unable to access our clinical system – as a precaution our area has severed links to the wider NHS, which means no access to our national systems, no computers means no records, no prescriptions, no results, we are dealing with urgent problems only, our patients are being very understanding so far.”

A spokesman for the Royal Liverpool and Broadgreen university hospitals trust said it was “aware that there’s an issue nationally and we’re reviewing our IT systems”.

A spokeswoman for Central Manchester university hospitals, the largest NHS trust in Greater Manchester, said she was “genuinely not sure” if they had been affected and that they were investigating.

A GP surgery in Bury, Greater Manchester, said all networks in the region had been affected. Peel GPs said on Twitter: “All Greater Manchester networks down – we cannot access any patient info plz RT @NHSBuryCCG.”

Doctors have been posting on Twitter about what has been happening to their systems.

A screengrab of a instant message conversation circulated by one doctor says: “So our hospital is down … We got a message saying your computers are now under their control and pay a certain amount of money. And now everything is gone.”

East and North Hertfordshire NHS trust said in a statement: “Today (Friday, 12 May 2017), the trust has experienced a major IT problem, believed to be caused by a cyber attack.

“Immediately on discovery of the problem, the trust acted to protect its IT systems by shutting them down; it also meant that the trust’s telephone system is not able to accept incoming calls.

“The trust is postponing all non-urgent activity for today and is asking people not to come to A&E – please ring NHS111 for urgent medical advice or 999 if it is a life-threatening emergency.

“To ensure that all back-up processes and procedures were put in place quickly, the trust declared a major internal incident to make sure that patients already in the trust’s hospitals continued to receive the care they need.”

The attack comes as several Spanish companies, including the telecoms giant Telefónica, were also targeted by a “massive ransomware attack”, according to Spain’s national cyber-security centre. The attack appears to present the same message to users as those targeting the NHS.

In a statement released following an apparent wave of attacks on Friday morning, the National Cryptology Centre said a cyber assault had been launched “against various organisations”, affecting Windows systems and corrupting networks and archives.

The ransomware used in the Spanish attacks is a version of the WannaCry virus, which encrypts sensitive user data, the National Cryptology Centre said. Telefónica confirmed there had been “a cybersecurity incident” affecting the intranet of some computers at its Madrid headquarters.

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Amazon AWS S3 outage is breaking things for a lot of websites and apps

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Amazon’s S3 web-based storage service is experiencing widespread issues, leading to service that’s either partially or fully broken on websites, apps and devices upon which it relies. The AWS offering provides hosting for images for a lot of sites, and also hosts entire websites, and app backends including Nest.

The S3 outage is due to “high error rates with S3 in US-EAST-1,” according to Amazon’s AWS service health dashboard, which is where the company also says it’s working on “remediating the issue,” without initially revealing any further details.

Affected websites and services include Quora, newsletter provider Sailthru, Business Insider, Giphy, image hosting at a number of publisher websites, filesharing in Slack, and many more. Connected lightbulbs, thermostats and other IoT hardware is also being impacted, with many unable to control these devices as a result of the outage.

Amazingly, even the status indicators on the AWS service status page rely on S3 for storage of its health marker graphics, hence why the site is still showing all services green despite obvious evidence to the contrary.

We’re monitoring the situation and will provide more info as it becomes available.

Source: https://techcrunch.com/2017/02/28/amazon-aws-s3-outage-is-breaking-things-for-a-lot-of-websites-and-apps/

Facebooktwittergoogle_plusredditpinterestlinkedinmail

HACKED: PUB CHAIN JD WETHERSPOON; 500,000+ CUSTOMERS’ RECORDS BREACHED

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Pub company JD Wetherspoon has confirmed that its database was the target of a cyberattack. The data breach could potentially affect over half a million customer records from the database.

A database of over 650,000 customers of UK pub chain JD Wetherspoon has been breached by unknown malicious hackers. According to a statement put out by the company, a “very limited” number of customers have had their credit and debit card details stolen, although they are unlikely to be used for fraudulent transactions.

While the card data was not encrypted, only the last four digits of payment card details were stored in the database to begin with, according to CEO John Hutson.

The statement read:

These credit or debit card details cannot be used on their own for fraudulent purposes, because the first 12 digits and the security number on the reverse of the card were not stored on the database.

In a BBC report, it is revealed that the database also held details of 656,723 customers such as:

  • Names
  • Dates of birth
  • Email addresses
  • Phone numbers

The breach is significant, despite the lack of financial information stolen as it is entirely within the realm of possibility that expert malicious hackers could potentially use the breached personal data to engage in identity theft of phishing campaigns.

In a letter to customers, Hutson stressed there was no evidence to show any fraudulent activity from the breached data. Customers are also recommended to stay vigilant against any emails or messages that request them to click or download any files or request any financial and personal data.

An excerpt from the statement read:

We apologize wholeheartedly to customers and staff who have been affected. Unfortunately, hacking is becoming more and more sophisticated and widespread.

The cyberattack struck the company’s old website between June 15 and June 17. The website has since been replaced. Wetherspoon was only made aware of the possible breach on December 1 while confirming it soon after.

The United Kingdom has weathered a blitz of cyberattacks lately with the TalkTalk hack proving to be the most prominent data breach in recent times. Over 4 million users’ personal details may have been compromised with the telecom and broadband provider noting that it might cost the company upwards of $50 million as a one-time financial hit.

Featured image The Flying Standard pub from Shutterstock.

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Call Centre Dialler

Facebooktwittergoogle_plusredditpinterestlinkedinmail
Blue Telecoms - Call centre Dialler
Blue Telecoms – Call Centre Dialler 

Website: http://www.bluetelecoms.com

Both outbound and inbound call centres rely heavily on diallers to significantly increase the performance of their sales agents. The most common issue the call centres that we speak to experience, is the amount of dead time agents have while waiting for calls, as well as how campaign data is utilized.

Outbound diallers, such as VICIdial, are used to make multiple outbound calls per agent to the data lists in your campaigns, and then connect only human answered calls to your agents.

The main difference between a predictive dialler, and other sorts of diallers such as progressive, is that predictive diallers use complex algorithms to calculate how many calls to make at any one given time to ensure that agents aren’t constantly waiting around for calls.

Why use a hosted dialler?

The most obvious reason for using a hosted dialler, such as the ones offered by Blue Telecoms, is cost. The initial outlay for an onsite dialler is usually in the range of £100,000! Even more if you opt for call technology such as ISDN.

In addition, it can take weeks to plan and install an onsite dialler, whereas as long as you have a stable internet connection at your office, a hosted dialler can be up and running in hours.

As far as maintenance and upgrades go, a hosted dialler wins there too. There’s usually no further costs for maintenance and upgrades to our hardware, and most of the software, whereas an onsite dialler would require a specialist to come out and perform the work, or to have a specialist member of staff, or even a team to carry out the tasks.

And, if you ever decide to expand, a hosted dialler can be expanded with usually no disruption to your call centre, and can be done almost as quickly as the initial setup, whenever you want.

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Dashcam footage accepted by insurers in disputed claims

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Most UK insurance companies will now accept dashboard camera footage in disputed claims – but few will offer a discount on premiums for using one.

These “dashcams” are small, forward-facing cameras that film a driver’s view of the road.

When asked by provider Nextbase, 29 insurers said they would consider using dashcam evidence in the claims process.

This would be put alongside any accounts from independent witnesses if the parties involved disagreed.

Experts also stress that drivers with dashcams should still collect as much evidence as possible in a claim when there is disagreement between the parties involved, such as the details of other motorists who may have seen the collision.

Discounts

Insurance premiums have been falling in recent months, according to various measures.

The AA said that the cheapest annual comprehensive car insurance on the market was £200 lower in the early months of 2015 than at its peak in 2011.

But the motoring group said it expected this average of the cheapest deals – £540 a year – to increase in the coming months.

Some drivers are able to secure a discount on their premium by installing a “black box” in their vehicle.

This records evidence, such as whether a driver is travelling within speed limits, and is aimed at encouraging safer use of the roads.

Malcolm Tarling, of the Association of British Insurers (ABI), said that it was far more likely for motorists to get a discount from their insurer when using a black box than when using a dashcam.

He added that insurers would generally have to write a clause into the terms and conditions of any discount to be able to demand dashcam footage be released by the owner, even if this implicated the driver as the cause of a collision.

Meanwhile, a price comparison website is warning drivers to ensure that any pets travelling in vehicles are secure.

“The law is clear – you must secure your animal while in a car,” said Matt Oliver, car insurance spokesman at Gocompare.com.

“Therefore if you don’t do this and an animal roaming freely around the vehicle is said to have contributed to causing an accident, then an insurance company could be well within their rights not to pay out on a claim.”

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Legally using a CB or Amateur Radio Whilst Driving

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Can you legally use a CB radio whilst driving in the UK?
Yes you can, two way radios such as CB, amateur radio, taxi radio etc are exempt from the mobile phone laws. But be aware that you will be prosecuted if your use of a CB radio results in dangerous driving or an accident. Also, using one will give the police an excuse to pull you over much the same as they pull over vehicles that have blue LED lights which aren’t illegal either. Have a look at the Police National Legal Database http://www.askthe.police.uk and do a search for CB or blue LED’s but remember – the police just need an excuse to check both you and your vehicle.

Facebooktwittergoogle_plusredditpinterestlinkedinmail

‘Cyber attack war games’ to be staged by UK and US

Facebooktwittergoogle_plusredditpinterestlinkedinmail

The UK and US are to carry out “war game” cyber attacks on each other as part of a new joint defence against online criminals.

The first exercise, a staged attack on the financial sector, will take place later this year, Downing Street said.

The “unprecedented” arrangement between the two countries was announced by Prime Minister David Cameron ahead of talks with US President Barack Obama.

The two men discussed a range of other issues, including counter-terrorism.

They are holding a press conference in the Oval Office of The White House after talks lasting about an hour.

Mr Cameron has previously said in relation to cyber attacks that there should be no “means of communication” which “we cannot read”.

He is expected to talk to the US president about getting companies such as Google and Facebook to allow governments to view encrypted messages.

‘Modern threat’

In terms of the planned cyber war games Downing Street said they will aim to improve the flow of information between the US and UK about threats.

No 10 said agents will co-operate in “cyber cells”, involving MI5 and the FBI, and they will be the first the UK has established with another country.

Speaking to BBC political editor Nick Robinson after arriving in Washington on Thursday night for a two-day visit, Mr Cameron said cyber attacks were “one of the big modern threats that we face”.

The first war game will involve the Bank of England and commercial banks, targeting the City of London and Wall Street, and will be followed by “further exercises to test critical national infrastructure”, Downing Street said.

Money will also be made available to train “the next generation” of cyber agents.

Analysis by Gordon Corera, BBC security correspondent

The tensions and confusions over what cyber security means are all too apparent this week.

Is it about defending corporate networks against hostile attackers of the type who targeted Sony? That’s the focus of today’s announcements about war-gaming and threat cells.

Or is it about getting hold of data and communications about terrorists? That seemed to be the focus earlier in the week, with briefings that the visit would focus on getting US companies to be more helpful in providing data to British authorities.

The two are different in focus and it is not yet clear how much progress on the latter the prime minister will make with a president whose relations with the tech sector are already difficult post-Snowden.

There is also some tricky overlap between the two fields, for instance on how far information should be encrypted so it cannot be read or stolen.

Encryption may foil foreign cyber spies but also stymie law enforcement.

line

The measures come in the wake of the recent hacking of Sony Pictures’ computers and the US military’s Central Command’s Twitter feed, where comments were posted promoting Islamic State (IS) militants.

The cyber attack on Sony Pictures led to data being leaked from its computers exposing emails and personal details about staff and stars.

The hackers, who called themselves #GOP or Guardians of Peace, also threatened cinema chains planning to screen Sony’s satirical North Korea comedy, The Interview, the plot of which involves a bid to assassinate the country’s leader Kim Jong-un.

Sony initially cancelled the film’s release after leading US cinema groups said they would not screen it, a move which Mr Obama later described as “a mistake”.

Mr Obama has said cyber threats were an “urgent and growing danger” and unveiled domestic proposals to strengthen the law.

The UK’s National Audit Office warned in 2013 that a lack of skilled workers was hampering the fight against cyber crime.

Mr Cameron said the UK was already prepared for a cyber attack, saying GCHQ had “massive expertise”, but added more needed to be done.

He said: “We need to be able in extremis to interrupt the contact between terrorists.

“It’s also about protecting people’s data, people’s finances – these attacks can have real consequences to people’s prosperity.”

‘Beef up filters’

The BBC’s technology correspondent Rory Cellan-Jones said there had been a lot of concern over Mr Cameron’s inference that governments should be able to view encrypted data.

He said not only were civil rights groups worried, but major players in the technology industry said banning encrypted messages could harm British trade if UK companies were seen to be not private.

Our correspondent also told BBC Radio 4’s Today programme that smaller social networking sites were just as well used by potential hackers as the well-known ones.

He said he had found an example of an exchange on the site Ask.fm which appeared to be from an IS fighter asking another user which country he should go to for weapons training.

In relation to the site being used for this type of communication Doug Leeds, the chief executive of Ask.com, which owns Ask.fm, said: “We have taken some action, and we’re looking to take more, what we have done so far is beef up our filters to try and look for patterns that would suggest that this is going on.”

Howard Schmidt, a former eBay and Microsoft executive, told the BBC attitudes around privacy and the right to encrypt personal data were still hotly debated in the US in light of the revelations disclosed by fugitive US intelligence leaker Edward Snowden.

Among other things, Snowden’s leaks detailed the National Security Agency’s practice of harvesting data on millions of telephone calls made in the US and around the world, and revealed the CIA intelligence agency had snooped on foreign leaders.

A recent report by GCHQ, the UK government’s communications security agency, on the issue of cyber attacks said that more than 80% of large UK companies experienced some form of security breach in 2014, and attacks were on the rise.

 

Facebooktwittergoogle_plusredditpinterestlinkedinmail