The NHS Malware attack: What we’ve learnt and how to apply it to personal computing.
NHS Malware – Who, What, When and Why?
Who; It’s reported that the National Security Agency (NSA) developed software to access weaknesses in Windows operating systems for spurious reasons. What that means is the largest government funded cyber ‘security’ agency in the world has developed a way to look into each and every one of our computers to view files. You know... for our protection! The reality is that in the USA they would require a court order but they do this so often and so frequently it is almost impossible to do anything about! Anyway, those of us not protected by the USA constitution i.e. everyone outside of the USA has no power to stop the NSA entering our computers. Now I’m not saying the NSA was behind the attack but sources suggest that the malware was stolen from them and used by online gangs for the reason of blackmail.
What; The Malware developed is basically targeting operating systems (the software that runs your computer) that are out of date. Windows XP, Windows Vista and anything pre-dating 2001. So if you’re still running a PC or Laptop with these operating systems it’s time to buy a new computer. I know there has been news that windows have released a patch (a bit of programming to cover the gaping hole) but unfortunately it’s just a matter of time before this happens again. And guess what, you’re not the NHS – so bin your ten year old computer and get something a bit more modern! We are after all living in the time of the £39 PC.
When; so as most of us know this attach took place around the 15th of May 2017 what is now being said is that it is unlikely that it was a phishing email (an email sent out pretending to be from agencies or companies like HMRC or Amazon). It appears to have been a worm (an automated piece of code that multiplies and spreads, usually through large networks like the NHS). This can only work if vulnerabilities are in the system i.e. outdated OS and out of date virus protection software.
Why; Some say it was for political reasons and some say for money, I believe it was done to see if it could be done. The reality of this software is that it’s like a firework, once lit it cannot be controlled and is unlikely that it can be put out. People have paid the demand (made in bitcoin) and still have had no resolution. The very fact that whoever was responsible for this asked for the ransom in bitcoin shows that there was no real attempt to collect a ransom. Simply because anyone operating Windows XP or any of its predecessors clearly doesn’t know a great deal about computing and therefore probably has no clue what a ‘bitcoin’ is.