back to article NHS hospitals told to swallow stronger anti-ransomware medication

NHS Digital is set to start expanding the range of cybersecurity services available to UK hospitals and clinics. CareCERT (Care Computer Emergency Response Team) launched in November 2015, offering a national service that helps health and care organisations to improve their cybersecurity defences by providing proactive advice …

  1. Anonymous Coward
    Anonymous Coward

    Almost half have had randomsware, my backside. Every single one has, some will have been more or less successful depending on the ecosystem, you'll never get some of them to admit it even via FOI though.

    1. Anonymous Coward
      Anonymous Coward

      Oh, I do so hope the US gets hit really badly. Like Americans funding the IRA until 11/9 - what goes around comes around...

  2. Captain Badmouth
    FAIL

    I posted this on another thread

    The NHS understanding of the term "security" circa 2007 :

    "Thank you for your email. The site is secure, in that it is in a secure data

    centre with several layers of network access security. Your data is stored in a

    protected database server, only available to you when you log in with your username and password and, where applications are completed, available for viewing by the employer that advertised the vacancy that you submitted the application for.

    Your data is not 'sent' anywhere, but is viewable through the web browser by you and the employer for which the application was intended once you or they have logged in to the site.

    Making an application online without encryption is in line with normal practice on jobs and recruitment sites. However, more importantly, all aspects of the service and how it operates have been the subject of a review by an independent security consultant and by the Dept. of Health security officer before the service went live.

    I hope that this has addressed your concerns. "

    I had protested that the application to be submitted was not over a secure channel, this was the

    reply. Perhaps things will change.

    1. Alan Brown Silver badge

      Re: I posted this on another thread

      "I had protested that the application to be submitted was not over a secure channel, this was the

      reply"

      In such a case, you should forward the correspondence to the ICO. They _will_ take an interest.

      1. Halfmad

        Re: I posted this on another thread

        Not necessarily, depending on the notification on the site the applicant may be accepting responsibility if he/she is notified that it's an insecure transfer, in which case the ICO won't give two hoots.

  3. Anonymous Coward
    Facepalm

    Proactive guidance about the latest threats

    Just how different will NHS IT systems be after applying CareCERT Knowledge, CareCERT Assure and CareCERT React?

    "a service to help organisations assess their local cybersecurity measures against industry standards"

    It's 'industry standards' that has gotten us into this mess in the first place.

    1. Anonymous Coward
      WTF?

      Re: Proactive guidance about the latest threats

      I don't understand why it is such a problem for them. Don't they do frequent incremental backups and discretionary access control?

      If they do, then ransomware isn't really going to be a problem for them. If they don't, why do they think they are competent enough to store any business-critical data on their computers, let alone sensitive personal data?

  4. oldcoder

    Not 'industry standards'.

    It is Microsoft standards masquerading as "industry standards".

    Microsoft software is the poorest designed for security. Passwords stored in plaintext, hashes used for authentication, falling back to known broken authentication... executable everything...

    The only way to win (in security) is to not use Microsoft software.

    Yes, paraphrased :-) but still true.

  5. x 7

    it would help if they could force the users to all have real passwords.............

    1. oldcoder

      Not on Windows...

      The password can be/is stored in memory in plaintext.

      You don't even need the password for NTLM hacks - just grab the hashed version actually used...

  6. David Lawton

    Maybe they should start by not using an OS that hides file extensions by default.

  7. CalinGhibu

    Not sure backups are enough

    Hi, I am not sure conventional backups work in healthcare. I noticed people mention them often.

    Healthcare is a highly dynamic environment and critical data gets generated every minute. Incremental backups cannot run that often without creating an unsustainable IT overhead. Daily increments may be useless if you are hit by ransomware at noon, and in the afternoon you need data collected in the morning.

    First and foremost people need to be trained and know how to avoid dangerous situations. Next, a specialized solution is needed to detect and stop ransomware. Since no solution is 100% reliable, a product that can also protect the files in real time and restore them in the case of a successful ransomware attack can help bring peace of mind.

    I work for a company that builds such a product, combining ransomware detection based on file access patterns with file protection in real time, depending on how files are being manipulated. So, there are solutions which are not conventional and may yield better results.

    (Rules of the house do not allow me to advertise, the point of my post is to raise awareness about newer and unconventional technology and encourage people to keep an open mind)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022