Discussing UK law. Links: swarb.co.uk | law-index | Acts | Members Image galleries

NHS software attack

A place to sit about and chat between more important things.

Re: NHS software attack

Postby 3.14 » Sat May 13, 2017 1:25 pm

By the way, banks in Chile have been affected. This is a worldwide attack not particularly aimed at the NHS.
Hide in the noise. #hackerwisdom
User avatar
3.14
 
Posts: 2136
Joined: Thu Nov 01, 2012 2:58 pm

Re: NHS software attack

Postby Hairyloon » Sat May 13, 2017 2:09 pm

Which government department is responsible for these decisions?
Take me to your lizard...
User avatar
Hairyloon
 
Posts: 10011
Joined: Thu Nov 01, 2012 3:12 pm
Location: From there to here and here to there... Funny things are everywhere.

Re: NHS software attack

Postby Smouldering Stoat » Sat May 13, 2017 2:12 pm

The National Health Service in England is the responsibility of the Department of Health, but much decision-making is the responsibility of individual trusts. The devolved governments make their own arrangements.
Smouldering Stoat
 
Posts: 6293
Joined: Thu Nov 01, 2012 6:31 pm
Location: Near the Creek.

Re: NHS software attack

Postby dls » Sat May 13, 2017 2:49 pm

Remind me why the taxpayer is still paying for obsolete software when perfectly good free software is readily available.

The free stuff is fine (Linux I presume) for all sorts of smaller stuff, but attempts to use it for te management of public services have, so far as I know ended in failure.

The vastly more complicated stuff which runs the NHS is just a no hoper.
David Swarbrick (Admin) dswarb@gmail.com - 0795 457 9992
User avatar
dls
Site Admin
 
Posts: 12193
Joined: Thu Nov 01, 2012 1:35 pm
Location: Brighouse, West Yorkshire

Re: NHS software attack

Postby dls » Sat May 13, 2017 2:52 pm

More importantly, what this has shown is just how susceptible our society is to cyber risks. This has gone a long way past the NHS. This time,the results have been extensive, but not - so far as we know - a disaster. Change a few of the variables and the risks are indeed huge.
David Swarbrick (Admin) dswarb@gmail.com - 0795 457 9992
User avatar
dls
Site Admin
 
Posts: 12193
Joined: Thu Nov 01, 2012 1:35 pm
Location: Brighouse, West Yorkshire

Re: NHS software attack

Postby shootist » Sat May 13, 2017 9:01 pm

Smouldering Stoat wrote:I have three stepsons who work in IT - one for the Police and two in financial services - and none of them would touch linux with a bargepole. I've used it myself in the past to their universal derision. It's buggy, littered with unpatched exploits, and - again - productivity falls because people are unfamiliar with it. There's not so much malware but that's largely because so few people use it.


I have been given to understand that many, if not a majority, of mainframe internet servers run on Linux. Many, possibly most, network attached servers use Linux. There are many versions about that are freely available that are rock solid. The trouble comes when you want to do something different. Then it's hard work. For the likes of the NHS I would have thought it possible fro them to use main servers running Linux and Windows terminals.
"I do not agree with what you say, but I'll defend to the death my right to be offended by it."
User avatar
shootist
 
Posts: 3536
Joined: Sat Aug 10, 2013 9:40 pm

Re: NHS software attack

Postby diy » Sun May 14, 2017 6:06 am

A lot of errors on this thread.

Linux is the dominant operating system in data centres, by far - probably 60+%. Even Microsoft realised it was wiping out their windows server market, so they ported their database platform to run on it. Some of the fastest largest data platforms run on linux
All BigData platforms run on Open source (hadoop)
The largest cloud provider (80% market share) runs its stack almost entirely on Open source.
There are 1000s of companies who provide support for open source software.
Open Office was development by Sun Microsoft and then later by Oracle Corporation before being passed to the Apache project.
There are plenty of large corporate firms who provide free software, with published maintenance and roadmaps. e.g. mysql, Java

The issue here is nothing to do with microsoft vulnerability (though it would be nice if they followed the linux lead on software verification, which would limit these things). The issue is desktop ghosting or cloning. They should have been able to reset the failed clients far quicker than they did and there shouldn't have been any important data residing on the desktop.

Importantly if this is the work of the US government. I'd expect them to take responsibility for their accident like they expected BP to pay for the cleanup of its.
My suggestions are not legal advice
User avatar
diy
 
Posts: 2573
Joined: Fri Nov 02, 2012 10:06 pm

Re: NHS software attack

Postby Hairyloon » Sun May 14, 2017 8:08 am

diy wrote:Importantly if this is the work of the US government. I'd expect them to take responsibility for their accident like they expected BP to pay for the cleanup of its.

Yeah, good luck with that.
Take me to your lizard...
User avatar
Hairyloon
 
Posts: 10011
Joined: Thu Nov 01, 2012 3:12 pm
Location: From there to here and here to there... Funny things are everywhere.

Re: NHS software attack

Postby diy » Sun May 14, 2017 8:41 am

but you know if it was the other way around... hmmm :/
My suggestions are not legal advice
User avatar
diy
 
Posts: 2573
Joined: Fri Nov 02, 2012 10:06 pm

Re: NHS software attack

Postby atticus » Sun May 14, 2017 9:20 am

I can see analogies with the rule in Rylands v Fletcher:

If you bring something onto your land, which will cause damage if it escapes, and which escapes, and causes damage, you are liable. (OK, it's a nuisance/land law case, and I missed out the bit about non-natural use of land).

Of course if this thing was developed by the US NSA, it was with the possibility in mind that it might be released into the wild at some point.
User avatar
atticus
 
Posts: 19699
Joined: Sun Nov 11, 2012 2:27 pm
Location: E&W

Previous

Return to The Robing Room

Who is online

Users browsing this forum: No registered users and 1 guest