After duly digesting the implications of that cyber attack on the NHS, the thought occurred to the inmates of the Northcliffe House bunker that the skimping on virus and malware protection which contributed to the chaos could be very easily traced back to the very Conservative Government that all those hacks and pundits were working so hard to re-elect. So some kind of diversionary tactic was called for.
And so it came to pass that today’s Mail on Sunday brought readers a suitably thundering headline: “NHS HAD 66 ALERTS BUT DID NOTHING … Cyber crooks launched multiple raids on hospitals last year … but not one was reported to Police”. What would reporting a cyber security alert to the cops achieve? They can stop real thieves, real vandals, real practitioners of harassment. Does the MoS think they can apprehend malware?
Are Geordie Greig and his pals suggesting that the Police would be able to provide a free-at-the-point-of-use virus check and security patching service? Would the local cop shop have advice on upgrading and/or replacing obsolete hardware and software? Might they dispatch officers to stand guard at the door of the local hospital’s server room in order to dissuade those “cyber crooks”? The entire premise of this argument is bullshit.
Still, on ploughs the MoS, telling readers “Hackers demanding ransoms launched 66 cyber attacks on English hospitals last year - but none was reported to police … The astonishing failure of the NHS to take action laid its computer systems open to the devastating assault on Friday, experts said … Details of the 2016 incidents only emerged during a Mail on Sunday investigation using freedom of information requests”.
Who are these experts? Here’s one: “One expert, Brian Lord, a former GCHQ director, said fear of ‘embarrassment’ may have stopped the trusts coming forward to report the earlier attacks … He said they should have led to hospitals ‘getting their basic security measures up to date’”. He didn’t say the cops should be roped in.
Is there another expert in the house? “Security expert Paul Norris said large networks are particularly at risk as the virus continues to spread”. Nor did he.
But we do know that “Production at Nissan’s Sunderland plant has also affected by the attack, but bosses said there had been ‘no major impact’ on the business … ’Like many organisations our plant was subject to a ransomware attack affecting some of our systems on Friday evening,’ a spokeswoman confirmed”. Is the MoS going to go after them for management failures, and suggest they too should call the cops?
You think I jest? In a Mail on Sunday Comment to back up this article, we are told “While there was money to squander on failed IT systems, and - very possibly - to pay crooks, nobody seems to have found the comparatively small amounts of cash needed to modernise the worn-out and hopelessly insecure Windows XP systems still used by nine out of ten trusts … In short, this is a matter of incompetence, lack of vigilance and skewed priorities, not of money”. And once more I call bullshit.
This has nothing to do with “failed IT systems”, and the small amounts of cash have been denied the NHS by a penny-pinching Government. Don’t let the Tories off the hook.