Computers; what if the railway was attacked?

[najaB]

You can't set up virtual mode on computers running 7 home, or 7 pro if your ram is under 4gb.

Read the article I linked to, VirtualBox will happily run on computers with less than 4GB of RAM.

 

[455driver]

Simple answer to part of your question(s) - if/when a signal is out (or showing anything less than a 100% correct aspect) it counts as a Red/Stop signal at which a train must stop and wait until instruction is obtained. (It used to be that some signals that caused a stop but there was then no communication facility - for whatever reason - could be passed at Red - with the movement then continuing at caution.

No it doesnt, where does it say that?

 

[syorksdeano]

One thing that this recent event has shown is that the Government's cost cutting is more than people imagine and this has left vulnerable people exposed. It does make you wonder how a spotty teenager sitting in his bedroom has managed to bring the NHS to its knees

Sent from my SM-T555 using Tapatalk

 

[najaB]

It does make you wonder how a spotty teenager sitting in his bedroom has managed to bring the NHS to its knees.

Crypto viruses are not the work of 'lone spotty teenagers'. They are the product of organised (and possibly state-sponsored) criminal networks.

Previous attacks have extorted tens of millions of dollars before the networks were taken down.

 

[Jordeh]

One thing that this recent event has shown is that the Government's cost cutting is more than people imagine and this has left vulnerable people exposed. It does make you wonder how a spotty teenager sitting in his bedroom has managed to bring the NHS to its knees

Sent from my SM-T555 using Tapatalk

That is a ridiculous comment, keeping computers updated is nothing to do with government cost cutting, it's incompetence.

This is an incredibly sophisticated attack that has also affected car factories and Deutsche Bahn for instance.

 

[Dave1987]

For aviation the aircraft systems are controlled by the flight crew and the aircraft can be flown on standby instruments which means going back to similar instruments as you have on a C172. If ATC was hacked flight crew would resort to lost comms scenarios, they could all communicate with each other on VHF, so could easily revert to VFR 'see and avoid'.

 

[Howardh]

Read the article I linked to, VirtualBox will happily run on computers with less than 4GB of RAM.

Supposed to, but not on mine which only has 2gb of RAM; so XPM may be OK on anything higher, I quoted my main PC has 4 and it works on that.

Some forums suggest 512mb would be enough, although that's a recommendation. Certainly won't load on mine at 2gb. 4gb's fine.

Anyhow, this is way OT...

 

[Howardh]

That is a ridiculous comment, keeping computers updated is nothing to do with government cost cutting, it's incompetence.

This is an incredibly sophisticated attack that has also affected car factories and Deutsche Bahn for instance.

Yes, it was a spohisticated attack, and who knows, maybe the first of many? Could the whole internet be brought down and we all go back to reading ceefax...

But keeping computers updated isn't free - at least in "time" unless they can do it themselves. Can they? Otherwise I assume every single PC, laptop and tablet a company has, and in the case of the NHS that would be hundreds of thousands, would have to be updated...and not just once but every so often. My surgery has about 10 consultation rooms, each with its own PC, then there's the admin area and the back offices, so (a) what would need doing to each item (b) how long would it take and (c) would there be any cost in monetry terms? I've no idea - on my PC my antivirus asks to be updated, and I just click and let it get on with it. Would that be the same in an office?

 

[Dave1987]

http://www.independent.co.uk/news/u...ndoned-nhs-it-system-to-hit-10bn-8823917.html

They botched the previous upgrade!

 

[syorksdeano]

Yes, it was a spohisticated attack, and who knows, maybe the first of many? Could the whole internet be brought down and we all go back to reading ceefax...

But keeping computers updated isn't free - at least in "time" unless they can do it themselves. Can they? Otherwise I assume every single PC, laptop and tablet a company has, and in the case of the NHS that would be hundreds of thousands, would have to be updated...and not just once but every so often. My surgery has about 10 consultation rooms, each with its own PC, then there's the admin area and the back offices, so (a) what would need doing to each item (b) how long would it take and (c) would there be any cost in monetry terms? I've no idea - on my PC my antivirus asks to be updated, and I just click and let it get on with it. Would that be the same in an office?

The Government paid £5.5 million in 2014 for Microsoft to continue updates....that lapsed in 2015 so for 2 years NHS computers have recieved no updates. Who do you blame for that the Government or the NHS.

Are train stations still running on obsolete software?

 

[route:oxford]

That is a ridiculous comment, keeping computers updated is nothing to do with government cost cutting, it's incompetence.

The Caldicott Guardians for each of the trusts that have had system failures due to the malware should be invited to Westminster or Holyrood as approropriate to explain themselves.

 

[Paul Kelly]

Thanks for that, but the reports doesn't say whether the trains kept running (even with delays). Can anyone fill in?

My reading of it is that it only affected the departure boards at stations, and nothing safety-critical. In my experience German stations tend to have very clear and comprehensive paper-based departure boards too - it helps that the planned platform numbers are public and published in advance, so the electronic departure boards can't really tell you anything the paper ones don't, unless there is disruption.

 

[Howardh]

The Government paid £5.5 million in 2014 for Microsoft to continue updates....that lapsed in 2015 so for 2 years NHS computers have recieved no updates. Who do you blame for that the Government or the NHS.

Are train stations still running on obsolete software?

Microsoft! They sell their systems - they don't come for free, so they should support them.

As an aside; and I'm out of my depth on this one.....what about if the NHS ran Linux? Is that supported....would it run the same...could it be attacked as easily...does antivirus/malware work...is it needed?

I tried Linux Unbutu (sp?) once and half liked it half didn't; can a business and organisation run Linux?

 

[Howardh]

My reading of it is that it only affected the departure boards at stations, and nothing safety-critical. In my experience German stations tend to have very clear and comprehensive paper-based departure boards too - it helps that the planned platform numbers are public and published in advance, so the electronic departure boards can't really tell you anything the paper ones don't, unless there is disruption.

Thanks for that. Would probably have made sense to turn the EDB's off and have tannoy announcements, but if the trains hadn't been running I'm sure the report would have said.

 

[ainsworth74]

Microsoft! They sell their systems - they don't come for free, so they should support them.

They don't come for free but they provided twelve and a half years of updates and support for XP without requiring anyone to pay anything on top of the original licence. That seems a pretty fair deal to me! They even gave people plenty of notice of their plan to discontinue support!

How long should they be required to provide free support for? How much extra will a license cost as a result?

 

[Sacro]

Microsoft! They sell their systems - they don't come for free, so they should support them.

As an aside; and I'm out of my depth on this one.....what about if the NHS ran Linux? Is that supported....would it run the same...could it be attacked as easily...does antivirus/malware work...is it needed?

I tried Linux Unbutu (sp?) once and half liked it half didn't; can a business and organisation run Linux?

Microsoft can (and do) provide a chargeable support service, however as XP is years old now they bumped the cost up annually to get people to move onto 7.

Yes the NHS probably can run Linux on a lot of systems, however a lot of specialised hardware will only come with support for Windows (and possibly only one specific version) so that could be a major sticking point.

In this instance I'd look to the NSA for not reporting the bug in good time and then having it leaked. Microsoft for having the bug in the first place, and the NHS for not pushing out updates as quickly as they should have been.

 

[Sacro]

That is a ridiculous comment, keeping computers updated is nothing to do with government cost cutting, it's incompetence.

This is an incredibly sophisticated attack that has also affected car factories and Deutsche Bahn for instance.

Rubbish, it's entirely to do with cost cutting, the departments haven't the money to finance a roll-out of a new OS, which may well require newer hardware to run on.

Microsoft have also provided patches for XP, Windows 8 and Server 2003 - but strangely not Vista, so they are doing their best, but if people insist on not running Windows Update on a daily/weekly basis then what're they to do.

 

[87 027]

As any accountant will tell you, not every debit is an expense...

 

[Jordeh]

Rubbish, it's entirely to do with cost cutting, the departments haven't the money to finance a roll-out of a new OS, which may well require newer hardware to run on.

Microsoft have also provided patches for XP, Windows 8 and Server 2003 - but strangely not Vista, so they are doing their best, but if people insist on not running Windows Update on a daily/weekly basis then what're they to do.

Are all the people and businesses who've been affected by ransomware too poor to upgrade their computers? Including Renault, Nissan and Deutsche Bahn? I think not.

There are arguments to be made that the NHS is under funded and I would agree with you in some respects, but this is purely incompetence, nothing more. You're making a cheap political point with no evidence.

 

[Sacro]

Are all the people and businesses who've been affected by ransomware too poor to upgrade their computers? Including Renault, Nissan and Deutsche Bahn? I think not.

There are arguments to be made that the NHS is under funded and I would agree with you in some respects, but this is purely incompetence, nothing more. You're making a cheap political point with no evidence.

Most of this is incompetence or laziness on the part of the people that own/maintain/build the infrastructure. There are few good excuses for not keeping things up to date. If you can't keep things up to date then get them off the internet.

 

[Llanigraham]

Microsoft! They sell their systems - they don't come for free, so they should support them.

As an aside; and I'm out of my depth on this one.....what about if the NHS ran Linux? Is that supported....would it run the same...could it be attacked as easily...does antivirus/malware work...is it needed?

I tried Linux Unbutu (sp?) once and half liked it half didn't; can a business and organisation run Linux?

Sorry, but this is getting silly. Microsoft is a business like every other one. They have supported their product for more than 10 years and warned well in advance that they would stop that support.

Many businesses stop supporting important machinery and things. I have a friend who services X-Ray machines in hospitals, and you will be lucky to find one more than 5 years old that is supported. I know someone else who deals with body scanners and due to progress they look to 3 years support. At an even more basic level, try getting manufacturers spare parts for a car 10 years old................

 

[Bookd]

As mentioned earlier this programme was apparently invented by the U.S. government ( and then stolen) .Given that the USA is keen to take legal action against anyone in the world who it sees to have acted against their interests is there a case for all those affected to seek a action against the U.S. government??

 

[Jordeh]

As mentioned earlier this programme was apparently invented by the U.S. government ( and then stolen) .Given that the USA is keen to take legal action against anyone in the world who it sees to have acted against their interests is there a case for all those affected to seek a action against the U.S. government??

No because they haven't done anything wrong.

 

[LNW-GW Joint]

Most of this is incompetence or laziness on the part of the people that own/maintain/build the infrastructure. There are few good excuses for not keeping things up to date. If you can't keep things up to date then get them off the internet.

Some of that may be true but I think the NHS has a uniquely complex set of user applications, and it's the whole software stack you have to manage forward.
I doubt they just didn't bother to upgrade XP, it will be a tough systems integration job.
The NHS is also notorious for multiple local IT solutions demanded by the health professionals.
I wonder why NHS Wales was not impacted?

 

[Tio Terry]

Safety critical communications used for railway signalling are not transmitted via the internet. Whilst interrogation systems may use internet connection they cannot be used to transmit instructions, any attempt to do so would be blocked by the interlocking which would reject any such instruction.

 

[Hadders]

It's not quite as simple as upgrading an operating system.

I work for a large organisation. Thousands of PCs and bespoke systems that have to be compatible with each other for the business to function. We're not talking about popping out to PC World and purchasing an updated PC and the latest version of Office.

What we need is stability. Upgrading to a new operating system represents a huge risk so it is only ever done when it becomes absolutely essential. It's not just about cost, it's also about business continuity and stability.

 

[najaB]

What we need is stability. Upgrading to a new operating system represents a huge risk so it is only ever done when it becomes absolutely essential. It's not just about cost, it's also about business continuity and stability.

That probably overstates the situation. Businesses operate on a update cycle, just is driven by their needs rather than the needs of vendors to sell product.

They will upgrade when the benefits that the upgrade will bring (e.g. enhanced productivity, reduced support costs, ability to introduce new features) outweigh the costs (direct monetary cost, cost of retraining, need to test applications for compatibility, etc.).

 

[snowball]

I love that XP is still beating Vista

Never used it, but read that it was appalling!! Anyone here have experience?

Are you asking about Vista? My previous home computer, which I had from the end of 2007 until summer 2015, was on Vista all that time.

 

[jonathan01n]

**One worry is aircraft...I understand they can be flown independently but if ATC controls are down in a large country and they have to land...eeekhock:

Aircrafts has already been hacked, someone hacked onto a United! 737 IFE and caught by FBI !!:roll:

 

[jonathan01n]

For aviation the aircraft systems are controlled by the flight crew and the aircraft can be flown on standby instruments which means going back to similar instruments as you have on a C172. If ATC was hacked flight crew would resort to lost comms scenarios, they could all communicate with each other on VHF, so could easily revert to VFR 'see and avoid'.

In class A airspace flight speed is up to 500mph and in this case see and avoid seemed unreliable, isn't? Also what in case the weather is IMC?:roll: