The latest news is
full of reports of a massive ransomware attack on the NHS computer
systems (and many others as well). Now this is not a new phenomenon, actually this type of
cyber attack has been with us a while. It seems the process itself is
quite simple. Due to inadequate safety/security, old software, no
backup systems or even plain carelessness it is too easy to scan a
whole range of IP addresses, looking for open gates to walk through
(gates=ports). The choice is over 64,000 ports, take your pick.
So, too easy to
install a bit of software that encrypts the hard drives and stops
access. Hey, I am doing that myself as well! I encrypt my own hard
drives! To decrypt you will need a 256bit password. Now why do
businesses and the NHS which is in charge of some highly sensitive
data (medical records) not think more about how they set up systems?
Ditch Windows altogether and use Linux? Have proper back-up systems,
possibly using NAS (Network Attached Storage). Even a simpleton like
myself uses a NAS! Cheap, a few terabytes attached to a router. Cost
no more (at least for a single user) then £50 or so. Using backups
then is very simple and takes no more than an hour of your time.
Linux backup programs such as Deja-Dup are easy to administer and
set-up. But OK I realise the NHS stuff is somewhat bigger but the
principles are exactly the same!
Security is not
being taken seriously enough and now we can see where that will end.
In tears mostly. But more worrying is the fact that our medical
records will be for sale at some time in the near future. I hope mine
will be interesting to the Russians? Yes, I am taking some high
blood-pressure remedy, what of it? Can you do it cheaper and better,
let me know.
No comments:
Post a Comment