That NHS Ransomware Attack 277

A few important points not featuring in the wall to wall media coverage

This is US government security service technology, developed by the NSA. Edward Snowden has confirmed this and nobody is denying it. You might think that would be a prominent part of the story, but strangely it isn’t.

The arms race between major powers to develop cyber warfare and cyber surveillance capacity is a massive threat to the security of the internet. It is the very governments who most like to claim they need to intervene to protect us, who are in fact creating the dangers they cite. This is NSA software; WikiLeaks “Vault 7” leak has revealed the similar massive effort at the CIA in developing destructive software.

That is not to say the NSA or US government is behind this worldwide attack. But it is to say that western governments are spending billions of pounds on developing malware, which they cannot themselves keep safe. This should be viewed in the same light as chemical weapons programmes. Urgent international action to outlaw weaponised malware development should be a priority for the international community, as the danger to increasingly IT dependent services is extreme. The United States is the biggest aggressor and the biggest danger.

Theresa May as Home Secretary was responsible for UK cyber defences for seven years. So the Tory efforts to blame everybody else today are misplaced. The buck stops with May.

Underfunded NHS Trusts have privatised IT management and outsourced the control and security of their computer systems to contractors, as part of the general rip-up of the NHS to provide private profit. These companies are more interested in maximising profits than safeguarding against contingent attacks. Very few NHS Trusts now employ their own NHS team of dedicated computer specialists maintaining and caring for their systems, including their defences.

This process has been accelerated under the Tories, but it must not be forgotten it was started by New Labour under Gordon Brown and Tony Blair. New Labour’s 2002 policy document “Developing 21st Century IT Support for the NHS” concluded that Option 2 was the way forward: “Selectively outsource major components of the NHS IT programme”. That was New Labour. The Tories have accelerated and extended it, and chronically underfunded the NHS. That is why so little money has gone into maintaining NHS IT systems, and what little has gone in has had little effect.

Corporate profits have been great though. Remember that extraordinary numbers of MPs have financial links to private healthcare firms. If the Tories win a landslide, doubtless the numbers of MPs personally profiting from NHS privatisation will increase still further.

Liked this article? Please consider sharing (links below). Then View All Latest Posts

Allowed HTML - you can use: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

277 thoughts on “That NHS Ransomware Attack

1 2 3
  • reel guid

    Ruth Davidson this morning tweeted this:

    “Corbyn’s spokesman saying Jeremy wasn’t on the side of the IRA, but simply seeking peace is offensive to anyone who’s worn the uniform”.

    What are we to make of that? Is she repudiating the Good Friday Agreement?

    • St. Therezza's EU pawn

      Fact is that there are serious discussions on whether the soldiers involved in Bloody Sunday should face scrutiny and justice, so Ruth Davidson’s con/distortions of what who said and or meant is hardly relevant, has she no current pressing issue to get on with, such as blanket surveillance of all that is private, or why we should spend billions on Trident shite, when some 400.000 squids worth of autonomous weaponry can blow it to the proverbial lesser United Kingdom come.

      And why is Ruth Davidson is daft to beleiev that those who would like to keep in the EU would be wanting to vote for her, or want to vote NO to Independence, has the sudden sunshine boiled her testy brain somewhat?

    • Republicofscotland

      reel guid.

      Rape Clause Ruth-less Davidson, has also been spouting that Scots shouldn’t be allowed to hold a second indyref until at least 2049.

      Apologies for linking to the Shun.

      Anyway I am left wondering if Ruthie, has any of Scotland’s interests at heart at all. Or as I suspect she’s doing her damnedest, to earn her ermine cloak. ?

      I suppose Ruthie would sit nicely between Alistair Darling and Michelle Mone on the red leather benches of the House of Lords.

    • Republicofscotland

      Sounds to me like Rape Clause Ruth-less, is stirring up sectarianism, in the run up to the GE, in an attempt to get all the knuckle dragging unionists who support the likes of the O/O onside.

    • Flaminius

      The lurch rightward in established British politics over past year can be measured by the rise of this hideous creature whom the Beeb never mentions without proclaiming her the ‘star’ of conservative resurgence in Scotland. She was billed the winner of last year’s Brexit debate before it even took place. In fact, she was a harpy launching shrill, personal attacks against BoJo. But, needless to say, afterwards she was proclaimed the ‘star’ of the debate. Nicola Sturgeon’s mere existence is a shaming of this person.

  • reel guid

    The Scottish Tories political strategy is becoming clear.

    Play the Orange card to hoover up all the hardline unionist vote from Labour. The douce old folk of Scotland who always vote Tory won’t know about the OO and BNP links since they get their news from the BBC who aren’t reporting it.

    Which means the Scot Tories can keep a balance of the traditional Tory voters and the No Surrender types in order to give them 25% or slightly more of the vote.

    May then keeps on refusing a Section 30 Order and the forces of reaction – including the MSM – try their best to damp down enthusiasm for indyref2 and continue their narrative of the SNP “failing to do the day job”.

    It won’t work. Enough of the Scottish people are too progressive and clued up – via the internet – about what’s going on.

    But in the meantime it tarnishes Scotland’s reputation and damages society. Davidson is the vilest politician Scotland has ever seen. When she first became leader people naturally gave her a chance because here was an openly gay Tory leader with a sense of fun. We’re now seeing the real Ruth Davidson and it’s certainly not fun.

    • Republicofscotland

      “Davidson is the vilest politician Scotland has ever seen.”


      reel guid.

      Yip she’s a nasty, nasty piece of work, another Torkip MSP that gives me the dry boak, is mad mental Murdo Fraser. ?

      • Resident Dissident

        Even more vile than those Scottish Nationalists who supported the Nazis??

        • Resident Dissident

          Or those responsible for the Highland Clearances or those who collaborated with Culloden?

    • JOML

      Reel guid, apparently Ruth now supports free prescriptions, changing from her previous position in an effort to get some votes – an electorate ‘tart’, with no principles, it appears!

      • reel guid


        Maybe their GE canvas returns aren’t so good as they’d have us believe.

  • reel guid

    It turns out James Heappey worked as a researcher for Liam Fox at one time.

    • Sharp Ears

      That rang a bell. Heappy was discussed in March on here. MP for constituent who was concerned about sexual abuse at the Duke of York Military School, which her son attended. After she complained, she was visited by police and charged,

      ‘In September 2013, the school’s medical facility logbook was posted to her anonymously, which detailed the harsh punishments that students had been subjected to. She sent a copy to Ofsted, and notified the police.

      But rather than looking into her claims, police arrived at her cottage in the Somerset village of Gurney Slade in June 2014 and arrested her for handling stolen goods and a breach of the Data Protection Act.

      “I was horrified,” she said. “I was trying to protect children from abuse, but the only people police were investigating were the people raising concerns.”

      Another ball in Conservative long grass situation.

      • reel guid

        Heappey was one of the Tory MPs the CPS decided not to prosecute on the election expenses.

    • Habbabkuk

      I don’t know whether Mr Thomas Clark (who he? his status?) is always sensible and moderate but the title of his blog – “another angry voice” – might give people cause to hesitate.

      After all, most reasonable and moderate bloggers tend to eschew such self-advertising handles, don’t they? For example, Craig, Brian Barder, Charles Crawford…..

    • Habbabkuk

      Anger on the one hand and reasonableness and moderation on the other are strange bedfellows.

    • Habbabkuk

      Here is Mr Thomas Clark’s political stance.

      After telling us he’s against the Conervatives, Labour, Libdems and Greens and that he has a certain sympathy for the SNP and Plaid Cymru (but can;t vote for them) he reveals this:

      “I am interested in “new left” developments such as Left Unity and The People’s Assembly. Anything that improves political engagement as these campaigns are doing, can’t be all bad. If you are sick of the lack of political diversity offered by the neoliberal pseudo-economics fixated establishment parties, I suggest you try and get involved with some of these grass-roots movements.

      I think that the various left groups (including the Greens) desperately need to affiliate into a broad anti-neoliberalism, anti-austerity coalition (something like Syriza in Greece) in order to give the electorate a single alternative to the cosy establishment orthodoxy.”

      I am particularly impressed by his characterisation of – and seeming admiration for – the Greek SYRIZA party. Yes, what an alternative they’ve turned out to be.


  • RobG

    Graham Vanbergen, over at TruePublica, quotes Craig’s piece:

    I still maintain that this ‘hack attack’ was all a load of nonsense from the security services to divert attention from the fact that the premier poodle snapped back; ie, Corbyn’s speech at Chatham House on Friday.

    It was the first time in more than three decades that a high profile politician in one of the vassal states fought back against the American empire.

    So where’s coverage of Corbyn’s highly critical (and historical) speech directed at Washington..? all obliterated by the hack attack stuff.

    Everyone knows that Windows is a totally crap operating system that’s completely open to the security services. This ain’t news.

    Meanwhile, Macron was sworn-in as President of France today, which should be interesting…

    • Habbabkuk

      You must be right – 75000 infections in 99 countries just to bury a speech by Mr Jeremy Corbyn. Stands to reason.

  • Habbabkuk

    I have heard that the use of browsers like TOR by people who for one reason or another wish to use the internet without revealing their identity is in fact counter-productive because its very use is enough to provoke the interest of our security services; the latter might apparently ask themselves (not unjustifiably, perhaps) why some people feel the need to go to great lengths to conceal who they are when 99% of the population feel no need to do so.

    TOR is free, so the attitude of the 99% is not a matter of cost.

    • RobG

      I don’t conceal who I am.

      And as far as the ‘security services’ goes, they take eye-watering amounts of money from the tax payer, yet they couldn’t run a piss-up in a brewery.

      I won’t go into details here, but will just say that it is incredibly easy to avoid the total incompetents in our ‘security services’. They’re like Inspector Clouseau, despite the huge sums of money they milk from tax payers, to ‘protect us’ from the twerrorists that they create.

      Any more ‘bright ideas’, Habba?

      • Republicofscotland


        Not often I disagree with you, but on this occasion, I have to say that the security services wouldn’t have much trouble locating the average person using the internet, if they really wanted that person.

        However as Habb has so kindly mentioned 99% of the population are of NO real interest to the security services.

        • RobG

          Republicofscotland, back in the days of what I will now call ‘the previous Cold War’ I used to travel a lot in what was then Communist East Germany.

          The Stasi were all pervasive (I once spent a wonderful night in East Berlin being interrogated by the Stasi, which included torture), but in reality the Stasi were ‘nothings’, a bit like the guy behind the curtain in the Wizard Of Oz movie.

          Same applies today.

          Fear is a currency that the psychos want you to buy into.

          • Republicofscotland

            Sound very interesting Rob, your brush with the Stasi. Yes I agree that fear is a currency used by all countries security services, to instil a sense of trepidation.

            However on the other side of that coin, are cases such as Barbar Ahmed, held for seven years without charges. Not in some far-off, despot country, but in Britain.

  • Russell

    What goes through the mind of journalists in not covering (suppressing) these important story angles? Do they feel they’re doing their mates in Government a favour? Perhaps they feel it would create deep public backlash and so down play it, out of a sense of keeping society calm.

    Is there the truth

    I’m not sure. I am aware that the Internet has split society into two tiers. Those who know and those who don’t. I’ve got over a hundred alternative news blogs bookmarked now. Many of them written by former Government workers. Whether military, politics etc. Also ex Wall St and ex mainstream journalists. What they reveal has transformed my understanding.

    When I hear ‘well educated’ people talking about politics and world events they seem so programmed and ignorant of the full picture. It’s a weird position to find myself in having never been an ‘insider’. Yet thanks to these blogs I have insider knowledge.

    • Habbabkuk

      You may think you have, Russell, but can you be sure?

      Your optimism, while appealing, is unrealistic.

      After all, the MSM and govt agencies can be held to account for what they say – and usually are, sooner or later – whereas the internet allows anyone to say whatever comes into their heads with scant regard for accuracy and very little chance of being questioned let alone called to account. Is this blog not an example of this?

      Would you not agree that there are many who abuse the freedom of the blogosphere safe in the knowledge that they will never be called to account and that the blogosphere, by its very nature, is the vehicle, par excellence, of those who wish to peddle false information and deceit with zero comeback? And I don’t only refer – far from it – to what you might term “political” affairs…….take for example those who peddle shit about vaccinations….. or chiropractice…..etc, etc…

      • Republicofscotland

        “whereas the internet allows anyone to say whatever comes into their heads with scant regard for accuracy and very little chance of being questioned let alone called to account.”



        Again a fair point, however, the web allows the little man or woman on the street to push his or her version of propaganda.

        For countless decades the propaganda has been the sole abode of the press, media, rich and powerful royalty, politicians and the clergy.

        It has been used to beat the common man over the head, to coax him into fighting wars, to remove him from his land, to pay homage to royalty. The web however gives the common man or woman another point of view.

        Fake news isn’t a new phenomena, it’s only now that the people have access to what the elites have had for decades, if not centuries.

  • Tony_0pmoc

    Strong stuff from Paul Craig Roberts, and I am not necessarily disagreeing. When internet communications really started to take off around 1995, most of us used our real names, email addresses and telephone numbers. We used to phone each other up – even the ones we were in massive disagreement with. Its boring talking to people who agree with you all the time. We also used to meet and got on surprisingly well.

    “Washington is Preparing a Nuclear First Strike on Russia.

    Are You Ready to Die?

    By Paul Craig Roberts

    “Fifty years ago, the streets of Leningrad taught me one thing: If a fight is inevitable, you must strike first.” Vladimir Putin

    May 13, 2017 “Information Clearing House” – In George Orwell’s 1949 dystopian novel, 1984, information that no longer is consistent with Big Brother’s explanations is chucked down the Memory Hole. In the real American dystopia in which we currently live, the information is never reported at all.”


    • Habbabkuk

      “Fifty years ago, the streets of Leningrad taught me one thing: If a fight is inevitable, you must strike first.” Vladimir Putin


      That’s 1967, isn’t it (“fifty years ago”).

      Siege of Leningrad : September1941 – January 1944

      President Putin born : October 1952

      • Republicofscotland


        Sounds like you’re misrepresenting the quote. It could be that he’s not recalling the events from a personal point of view. But from a historical point of view.

        I’m pretty sure you know that, but you’re being rather mischievous. ?

      • Sharp Ears

        Nothing to do with the siege of Leningrad.

        ‘Russian President Vladimir Putin has provided a rare glimpse into his life as a young man, growing up in Soviet Leningrad (now called St. Petersburg), saying that his teenage years prepared him for fighting Islamist group ISIS.

        “Fifty years ago, the streets of Leningrad taught me one rule: if a fight is inevitable you have to strike first,” Putin told journalists on Thursday at the annual Valdai summit in Sochi, in answer to a question about Russia’s airstrike campaign in Syria.’

  • Tony_0pmoc

    Ben, a bloke who looked identical to Craig Murray turned up at my local pub – Saturday night last week. He was extremely well dressed, and had a nice tie. I briefly introduced myself, and shook his hand. He said his name was Steve. If it had been him, surely he would have said his name was Craig. There was a very good band on, so I couldn’t speak for long.


    • Tony_0pmoc

      Habbabkuk, I am not prejudiced. I’d even talk to you, but I would much rather talk to Nadira. I think what she does is Brill…but she wasn’t there.

  • Dr J Foster

    Can anyone point me at the actual data regarding what proportion of NHS trusts have outsourced their IT to private companies? Thanks

    • Sharp Ears

      I am sure one of the hundreds of bean counters employed by Simon Stevens at NHS England will be able to tell you. The info will probably be on a 77 page PDF – with acronyms!

      The usual suspects. Check out their connections. All ready for the privateers to arrive.

      I read that Hunt oversees a 160 strong PR/press officer team at Richmond House, the HQ of the Department of Health.

      NEVER forget that Hunt has been visiting medical health insurance companies in the US and that Stevens cane from a 10 year stint at United Health to run OUR NHS.

      Heavily edited. See the blank spaces but I could not be bothered to look at the View History page. Stevens is what he is. The Tories’ placeperson.

  • Paul Barbara

    I haven’t gone all the way through the comments, so I don’t know if this has been covered:
    ‘International Cyber Attack: Roots Traced to US National Security Agency’:

    ‘Over 45,000 ransomware attacks have been tracked in large-scale attacks across Europe and Asia — particularly Russia and China — as well as attacks in the US and South America. There are reports of infections in 99 countries. A string of ransomware attacks appears to have started in the United Kingdom, Spain and the rest of Europe, before striking Japan, Vietnam and the Philippines on May 12. According to Kaspersky Laboratory, Russia, Ukraine, India and Taiwan were hit hardest. Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, called the attack «the biggest ransomware outbreak in history». It is not known who exactly was behind it.

    The overwhelming majority of the infections appeared in Russia. The ransomware hit about 1,000 computers at the Russian Interior Ministry, though the agency’s servers were not affected thanks to using the national Elbrus operating system instead of Windows.

    The US Department of Homeland Security has not confirmed any attacks in the US on government targets or vital industries, such as hospitals and banks.

    The malicious code exploits a Windows flaw patched in Microsoft’s Security Bulletin MS17-010 in March. The malware is usually covertly installed onto computers by hiding within emails containing links, which users are tricked into opening. A single computer infected can end up compromising the entire corporate network.

    The malware is alleged to have been leaked or stolen from the National Security Agency (NSA) to be reportedly distributed by the Shadow Brokers, which claimed to have hacked an NSA-linked team of hackers last summer.

    The hints about alleged «Russia trail» have already appeared in Western media. According to NPR, the Shadow Brokers group, which is suspected of having ties to Russia, posted Windows hacking tools in April, saying it was a «protest» about US President Donald Trump. «A computer hacking group known as Shadow Brokers was at least partly responsible. It is claimed the group, which has links to Russia, stole US National Security Agency cyber tools designed to access Microsoft Windows systems, then dumped the technology on a publicly-accessible website where online criminals could access it – possibly in retaliation for America’s attack on Syria», writes the Telegraph….’

    So, despite Russia being worst hit, THEY are blamed by the Telegraph!

    ‘…Edward Snowden, the former CIA employee and NSA contractor, tweeted he was confident that the hackers used NSA tools. He believes that if the NSA had given an advance warning the hit structures and hospitals in other countries could have taken proper measures to repel the attack. Politico chimes in. «Friday’s attacks could have been avoided if the NSA had simply told Microsoft about the flaw earlier, digital privacy activists argued», the prestigious outlet informs.

    So, the National Security Agency tools were used, the NSA gave no warning and…Russia, the hardest hit by the attack, is to blame! The same song and dance as usual. Of course, nothing like evidence to go upon has been produced like in all other cases when Moscow was blamed for each and everything going wrong everywhere. It’s just that someone thinks that a group of hackers may have links to Russia and… nothing more. We’ve seen it before.

    In reality, it’s an open secret that computers, routers and other equipment normally includes element of software that could be activated by US special agencies. Hackers simply found out how it works and decided to use it for personal gains. It shows that the NSA is working on powerful software to serve as a tool for global dominance……’

    But all is not lost; bunker down in your living room, grab some grub and a bottle or two, and let the kiddies watch this:
    ‘Duck And Cover (1951) Bert The Turtle’:

    Then pack them off to bed, settle back down and watch this (put it up loud, so it drowns out the sirens):
    ‘Dr. Strangelove or: How I Learned to Stop Worrying and Love the Bomb’:

    Above all, don’t panic – remember Russia and China are just ‘Paper Tigers’!
    Their 40 and 60 million-person Civil Defence exercises are all a big bluff.

  • George

    I apologise if anyone has already mentioned this but there is a good article here:

    The main point:

    “Western security agencies have acknowledged that the present global cyberattack—among the worst ever of its kind—is the work not of any state agency, but rather of a criminal organization. Moreover, the roots of the attack lie not in Moscow, but in Washington. The “WannaCrypt” malware employed in the attack is based on weaponized software developed by the NSA, code-named Eternal Blue, part of a bundle of documents and computer code stolen from the NSA’s server and then leaked by a hacking group known as “Shadow Brokers.”

    Thus, amid the hysterical propaganda campaign over Russian hacking, Washington has been developing an array of cyber-weapons that have the capability of crippling entire countries. Through the carelessness of the NSA, some of these weapons have now been placed in the hands of criminals. US authorities did nothing to warn the public, much less prepare it to protect itself against the inevitable unleashing of the cyber weapons it itself had crafted.

    In its report on the global cyberattacks on Saturday, the New York Times stated: “It could take months to find out who was behind the attacks—a mystery that may go unsolved.”

    The co-author of these lines was the New York Times chief Washington correspondent David E. Sanger, who, in addition to writing for the “newspaper of record,” finds time to lecture at Harvard’s Kennedy School of Government, a state-connected finishing school for top political and military officials. He also holds membership in both the Council on Foreign Relations and the Aspen Strategy Group, think tanks that bring together capitalist politicians, military and intelligence officials and corporate heads to discuss US imperialist strategy.

    All of this makes Sanger one of the favorite media conduits for “leaks” and propaganda that the CIA and the Pentagon want put into the public domain.

    It is worth contrasting his treatment of the “WannaCrypt” ransomware attack with the way he and the Times dealt with the allegations of Russian hacking in the run-up to and aftermath of the 2016 US presidential election.

    There was no question then of an investigation taking months to uncover the culprit, much less any mystery going unsolved. Putin and Russia were declared guilty based upon unsubstantiated allegations and innuendo. Ever since, the Times, serving as the propaganda outlet of the US intelligence services, has given the lead to the rest of the media by endlessly repeating the allegation of Russian state direction of the hacking of the Democratic Party, without bothering to provide any evidence to back up the charge.”

  • Stephen Woodruff

    I see Microsoft are blaming governments and organisations for not protecting themselves. Yet this “vulnerability” is a design/production flaw that has existed in the product since it was purchased, one for which Microsoft had a fix they could have released at almost no cost (for Windows XP, 7 & 8) at any time, as evidenced by their release of it within a few hours of the attack. What happened to product liability? If this had been a car crashing or an appliance bursting into flames with a provable original manufacturing defect, and one which the manufacturers knew about and had the means to correct, but chose not to…. there would be a lot of MS staff in court, and it would be they, not the NHS etc who were paying for the consequences. Or am I mistaken?

    • Vestas

      The clue is in the name Stephen – “software”. ie subject to change.

      Anyway the vuln you refer to was discovered after the maintenance period for Windows XP had expired – 12 years or so, not too bad a warranty really? How long are you supposed to support something for free after you stop selling it? MS did that for 7 years.

      Also the UK govt negotiated extended support for XP in certain depts (Revenue & Customs for one) but obviously not for the NHS because poor people clearly don’t matter.

      You are very much mistaken – clueless is the term used in technical circles 😉

1 2 3

Comments are closed.