Ambulance patient records system hauled offline for cyber-attack probe Several UK NHS ambulance organizations have been struggling to record patient data and pass it to other providers following a cyber-attack aimed at health software company Ortivus. In a statement, the Sweden-headquartered software vendor said it was subject to a cyber-attack on July 18 which hit UK customer systems within its …
are they what sorry? unencrypted?
Of course they are, I've viewed the text in my terminal hooked up to a budget yaesu*. The attack surface is hard to define when you quite literally pluck personal data out of thin air, I'm in eastern England and saw messages between ambulances and hospitals in Northern Ireland as it's centralised nationally. Another chap webcast them but got into trouble for distributing it. Fun fact; it shares the same system as what bird watchers use, so without any filter you get death then a rare bird spotted on a pub roof and back again. They have the same level of security as open public birdwatching comms.
*would not recommend, it's fairly depressing seeing people in trouble with no followup on how they did, can't imagine how ambulance personnel deal with that
Several? Only two were named in the article. Do we know who the others are or has that information not been released yet? The Beeb report listed the same two Ambulance Services but only said two were affected, no hint of which, if any, others might have been affected.
"South Central Ambulance Service Trust attends incidents in Oxfordshire, Berkshire, Hampshire and Buckinghamshire, along with non-emergency coverage for Sussex and Surrey.
South Western Ambulance Service Foundation Trust covers Bristol, Cornwall, Devon, Dorset, Gloucestershire, Somerset, Wiltshire and the Isles of Scilly."
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
