It looks like you're new here. If you want to get involved, click one of these buttons!
Subscribe to our Patreon, and get image uploads with no ads on the site!
Base theme by DesignModo & ported to Powered by Vanilla by Chris Ireland, modified by the "theFB" team.
Comments
The thing is the algorithm will probably contain a component which is the microtime it was generated plus lots of other crap. It doesn't matter if you know the algorithm you still don't know the key.
Ok then by the same measure - the Tory's are at fault and responsilble for the current cyber attack because they haven't provided the funding for the NHS to upgrade from XP - an unsupported OS. I work for a local authority IT dept and to hear that many NHS units are still running XP is really surprising (and pretty indefensible).
Hope the Tories realise and admit the error of their ways when the incident is discussed by COBRA this afternoon.
If it is generated with an element of randomness, the key will still have to be sent somewhere so they can decrypt it when they receive payment. Unless they lie about that.
I know one company who was infected by a Cryptolocker variant, but were saved by their insane network logging, which captured the keys being sent to a server. It stupidly was sent unencrypted and they also had the server IP which they provided to the police.
I expressed frustration because a discussion of a cyber attack was so quickly turned in to a party political point scoring exercise.... However now that it is, as I said above, it is a real pity that the current government chose not to provide funding to extend Microsoft support for Win XP thus giving NHS time to sort things out.
Strong and stable government - the biggest lie...
If it only works on XP, what choice do you have?
2 - I find it hard to believe that none of the software suppliers have updated their software in the last 15 years to be compatible with modern operating systems. If they haven't, then why are the NHS still paying them?
3 - Any legacy software that can't be updated or replaced can easily be deployed using virtualisation.
4 - Everybody else on the planet can deal with this sort of thing in relatively trivial fashion.
The simple fact is that the NHS IT department is paying the price for a decade and a half of inactivity and waste.
The government doesn't make decisions on how the IT infrastructure maintenance budget is spent. That's down to the civil service and NHS management.
There's also the fact that Microsoft finally killed XP support in 2014 - they did a deal with the government to extend it, but refused to do so past a year (for £5.5m). That gave the NHS (and other civil service departments) a year to sort their shit out, but they elected not to even though the government instructed them to do so by April 2015 in return for the additional funding.
Everybody outside the NHS gave them as much help as they needed. They just fucked it up, and now they're paying the price.
Indeed. It's embarrassing tbh, and I don't truly think politicians directly are responsible so much as just totally and utterly shit management.
Politics is just a nice diversion - there are some incredibly stupid people who work for the NHS.
Labour deserves criticism as against expert advice they decided to embark on a massive IT project that involved developing a new centralised system. The chances of success were low but they pushed on regardless. NHS Trusts therefore kept their existing systems and didn't spend time, money and effort on upgrades.
Fast forward to 2010 and coalition government commissioned a report on the project after the contractors said the project would overrun on time and cost. The project was scrapped. The whole thing was a disaster and Margaret Hodge (Labour) described it basically as the biggest government cock-up in history. It had an impact on the NHS IT strategy.
Now you talk about funding for desktops. Two points:
1. How come many NHS Trusts did upgrade (and didn't suffer from the attack) if there was no money?
2. Microsoft offered free copies of Win 7 & 8 as part of a virtualisation project - few NHS Trusts took up the offer - why?
From what I understand from comments made by IT contractors apathy played a big part at NHS Trust level.
Remember, it's easier to criticise than create!
Moreover, do we know how many hardware or software applications are tied to an OS because the manufacturer hasn't updated their product?
I'm not defending the gravy-train mess that is NHS IT, but some situations may not be as obvious as they seem.
What's actually true - in at least a couple of suppliers' cases - is that the NHS are paying over the odds for those software suppliers to support ancient (in computing terms) XP-compatible versions of their software because that's all their computers run. Software companies hate supporting old versions of their software, because it directly hurts their bottom line and impedes progress by dragging resources away from newer versions they could sell to people.
In response to @monquixote's question above...I suspect that over the next few weeks, we'll find out exactly how much supporting XP has cost the NHS in terms of life-saving drugs (and lives lost in this incident) and a whole bunch of people will be dragged through the court of public opinion in addition to losing their jobs.
Labour's five questions for Hunt over NHS cyber-attack
Labour has called on Health Secretary Jeremy Hunt to outline the "immediate steps" the government is taking to improve NHS cyber-security.
In a letter to Mr Hunt, shadow health secretary Jonathan Ashworth says the incident "highlights the risk to data security within our modern health service and reinforces the need for cyber-security to be at the heart of government planning".
While condemning the criminals who carried out yesterday's attack that put patient well-being at risk, Mr Ashworth wants the government to respond to the following questions:
- Why NHS organisations failed to act on a critical note from Microsoft two months ago?
- What additional resources are being given to the NHS to bring the situation under control as soon as possible?
- What arrangements are currently in place to protect the NHS against cyber-attacks?
- Whether the government will launch a full, independent inquiry into the events of yesterday?
- What reassurance is there that patient data has not been accessed or compromised?
Apparently the reason Hunt has remained silent is the fact that cyber attacks come under the remit of the Home Office ... you couldn't make this up.Remember, it's easier to criticise than create!
Although come to think of it that applied when he was Chancellor too.
"Take these three items, some WD-40, a vise grip, and a roll of duct tape. Any man worth his salt can fix almost any problem with this stuff alone." - Walt Kowalski
"Only two things are infinite - the universe, and human stupidity. And I'm not sure about the universe." - Albert Einstein