Ransomware hits Australian hospitals after botched patch Hospitals connected to Australian State of Queensland's integrated electronic medical record system (ieMR) are suffering outages attributed to patching against a ransomware attack. Since the ransomware-de-jour is WannaCry/WannaCrypt, it's a fair bet that's what Queensland Health was working to patch, but somewhere along the …
"Ransomware hits Australian hospitals..."
OMG! An Aussie hospital has been hit with ransomware?!!? I want to know how & why!
"Rather, it appears, some users have been unable to log into the systems following the patch – perhaps because endpoints also need updates for compatibility."
AYFKM?
So the headline is BS, or in the latest fad speak: the headline is fake news.
I expected better from The Register.
Why can't they have a couple of test PC's configured to the standard running in the hospital to test patches on first?
Why can't they automate regression test runs to see any earlier dubious data entry / procedures that broke earlier releases don't break this one?
And I'm still wondering.
Why can't they have a couple of test PC's configured to the standard running in the hospital to test patches on first?
A knee-jerk reaction by management to patch regardless of the consequences. It's better to have a system outage and to be seen by the public as doing the right thing (like patching to prevent WannaCrypt outbreak) than do nothing and pray they don't get hit (like NHS).
This is a darn-if-you-do and darn-if-you-don't situation.
Wannacrypt patch requires an up-to-date OS. (On XP requires SP3). Perhaps they hadn't been patching, and had to roll out a lot of patches at the same time?
On Win7, windows update can get into a broken state that does not complete -- which is difficult to differentiate from the normal state where it just takes an unknown amount of time thinking about it.
From the broken state, manual patching of the Update client can take more than an hour, with frequent reboots to be sure that everything is correct.
This is one of the main reason many NHS computer lag behind in patching, the clinical systems have different dependencies and will react differently to patches, which then have to be tested against the functionality of each system and this has to be documented.
Most hospitals have over 150 clinical systems, so they either wing it and patch, or test rigorously, which means delays which may be compounded if a problem is found and they have to insist/wait/beg for an update from the systems developer.
Contracts are certainly part of the problem though.
Many of the commentards never seem to have worked in an environment with more than a few tens of PCs, individually maintained, and a lot of the rest haven't worked in the sort of diverse enterprise where there have to be a few exceptions to abso-bloody-lutely every kind of standard you try and bring in...
As the systems in question are still on very old OS, you can reasonably assume some interplay of complexity and budget or they would have been migrated years sgo. The curse of a rock solid system can be that the bean counters refuse to accept that faithful ol' Trigger needs a trip to the knackery until something like this comes along. One of my bosses was underwhelmed when I spent a boatload of cash addressing something similar and there was nothing shiny to show for it, legacy apps worked exactly like they did the day before after I gutted and replaced every box overnight after months of planning.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
