Information Security

 

Ransomware attacks against NHS trusts.

Friday, May 12, 2017

We are aware of reports of a wide-scale ransomware attack targeting users computers in the NHS.

The NHS have published a statement and it is likely that this threat will spill over into other sectors, including education.

Early indications are showing that this may be a variant of the malware is exploiting MS17-010 which is
a vulnerability in Microsoft Server Message Block 1.0 SMBv1 dating from March 2017.

Further information on this particular issue is available here
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Recommended best practice is not to expose your infrastructure to these
services, if you are concerned that you are vulnerable to this then
disabling SMBv1 is recommended.

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/