Today, 13th May 2017, according to news broadcasts it seems that one or more NHS employees must have seen a new email and opened it's attachment. I'm not altogether suprised because lately I've noticed my inbox has several such emails and these seem to be getting more and more plausible. Usually the language is a trifle odd, but of course nowadays the use of odd English language is so common, even on the Beeb, who's to say that DHL or Bloggs & Co aren't employing someone whose English is not their second language? Apparently the virus, once released, uses the local area network to spread to other computers.
Back to the NHS fiasco...Now that the man on the Clapham omnibus isn't the injured party, at least directly, the media is trying to pin the blame for opening a bad email attachment. As this type of problem has been with us almost since computers were first introduced you'd think, at least the State has filters in place to protect publicly owned systems from viruses. Certainly there's supposed to be an organisation in charge of this and in charge of that a Government Minister. According to statements I read (and can we believe these?) all the right instructions were given. As a manager, at least I was donkeys years ago, and I assume good practices are much the same, I understand that it's useless to issue an instruction without checking it's been obeyed. "I told the NHS yonks ago to update from Windows XP", is the excuse. Did you suggest a timescale I wonder or was it an open-ended request? Was it a passing suggestion or was a dictate? Another story, which may be more informed, tells me the virus spread, not through XP computers, but through Windows 7 machines that were missing a security update... and, the story goes, to save expense, were not fitted with an anti-virus package. Many moons ago we would have heard next that, "so and so has resigned", but these days this never happens. Possibly a huge cut in salary is the reason for not resigning, but I can't say. Who is it that's in charge of this area exactly? It seems that the Cabinet Office is the prime mover. |
||||||||||||||
|
||||||||||||||
Office of Cyber Security and Information Assurance
|
||||||||||||||
Well, I should say they appear to have failed as far as "strategic direction" and co-ordination, insofar as the NHS is concerned... but then again, what do I know, I'm just an ancient pensioner? |
||||||||||||||
What's the answer? Well, if the problems originated from an email attachment, and I don't know if that is a fact, why not filter emails before allowing these to leave the email servers. Perhaps something really simple such as blocking attachments and embedded links? |
Before I wind up this subject, I'll just mention some of the recent scam phone calls I've been receiving. There are lots of callers pretending to be from Microsoft. Their aim is to get you to type in various commands so they can access your computer. My neighbour was caught out and all her desktop icons vanished, to be replaced only if she parted with cash. She didn't and all I needed to do, when approached for help, was to cancel the "hidden" attributes. Another caller of which I've received several this week (June 2017) pretends to be the "BT Technical Department". The caller asked me to type in various MSDOS commands resulting in a CLSID code which is common to most Windows systems. Pretending that this "unique" number is my personal computer identity is supposed to make me trust them. They will, if permitted, get you to load a program which allows them to access your computer. I didn't go that far so I don't know what mischief they could have got up to... Interestingly the display on my phone said the call was from a Scunthorpe number, 01724-874574, although the caller sounded like he was calling from an Indian Call Centre. The technique used is called "Global Call Forwarding" and the caller in India sometimes has details of an address in the city corresponding to the dial code.. in this case Scunthorpe. Obviously you're more likely to pick up a call if your display indicates a valid number. |
The next day a caller pretending to represent the government backed Telephone Preference Service (for blocking calls) asked me to supply them with my full name. I declined and after this, I understand from information on the Net, they would attempt to get my bank details and steal money from my account. Of course I didn't supply any information, but instead told the Indian caller that my telephone display said "number withheld" and did she realise that to do this whilst cold-calling from within the UK was illegal. I said this because when asked she supplied her phone number as "0800-0869345" and her address as "27 Old Gloucester Street, London WC1N 3AX". Whilst she was gabbling away in broken English I checked the number and address. It seems the address is a "virtual address" for nearly a thousand companies. Not to be thwarted by my comments she passed the call to her supervisor who spoke ten to the dozen in slightly better Indian English. I suggested he was working for a scam company in India pretending to be calling from a bogus London address and he just hung up. |
Finally, those pathetic recorded announcements. I get so many, and all "number withheld" or "number not available", that I generally now listen and press "3" to be called back. Eventually, the day before yesterday I identified a caller probably related to the recorded call and politely told him to scrub my number from his list, which he said he'd do. Time will tell if these dratted calls will stop.... |
Here's a new scam, at least it's the first time I've had such a phone call. |
The usual fake caller claiming to be from BT with an extremely strong Indian accent and lots of background noise which prompted him, on my mentioning it, to call me back. The number was 0034697-041212 (although he claimed later to be in Mumbai). Initially he said my IP address had been hijacked by someone in Mountain View. I asked him what my IP address was and after waiting a minute he supplied it, but it was wrong. After asking me to type in My IP address location a screen appeared with what I assumed was that of Google in Mountain View. He then asked me to type in "BTfibreoptic,webnode.com" which I did. This took me to a fake BT web page, really poorly done with virtually no links included. There were three basic links however.. "Home", "Our Services" and "Contact". Please click on "Our services" was his request. It came up with four optional links. One, for Windows which he asked me to click. I didn't do this, but the link was to Team Viewer, a piece of code which if installed would allow him access to my computer. |