It appears that the ransomware is spreading trust to trust, possibly via email.
What happens when you don't give your employees adequate IT training update.
Microsoft have released their official statement on the topic - calling out the NSA and similar organisations for not taking responsibility when it comes to these exploits, and putting IT infrastructure at risk.
NHS systems upgrade fiasco was about 10 years ago if I remember correctly. No idea what happened since then. I believe it was during a period when I worked for an unnamed company started by some guy named Ross that fled said company and left it with a bunch of texas asshats to screw up. I believe that this company defense contracts got them in to bed with thatcher and the nhs at the time.
Seriously though, the current trend of connecting every last thing we use is insanity. If something is supposed to be a closed network it needs to be forever disconnected from the internet and set up their own back up net work. None of that can operate safely on the open internet.
It's MS17-010. Which was patched in March. TWO MONTHS, CARL!!! Russian police is affected. And the tool is based on a leaked NSA exploit. Damn those US hackers, influencing our something or other! =)))
Oh and btw this might be a perfect time to give a shoutout to a nifty lil copyleft tool that blocks any executable outside the Program Files folder https://iwrconsultancy.co.uk/softwarepolicy
Networked computers man. The Galactica was onto something.
In all seriousness people who haven't updated there systems from critical updates deserve everything they are getting. But its good to remember than more often than not the sysadmins arent always to blame when there boss says no.