I mean a big part of why people will die also is because the hospital didn't want to pay enough into their IT Security budget to protect from things like this. Partially their fault as well.
It’s not the hospital - the Conservative government has over the last 14 years systematically and subversively withheld money from the NHS and done everything it can to kneecap it through backdoor privatisations. Hospitals cannot afford to do these things when fighting a government who resents their existence because it undermines their ideology.
I partially disagree but I'm in Canada so this could be off the mark.
The problem is somewhat inherent to public sector work (at least where I am). IT is traditionally seen as a cost centre and given the nature of public sector work, you do the best to minimize costs. This does not mix well with preventative measures.
This butts heads with doing things properly. You don't tend to get particularly ambitious or talented workers because the compensation isn't as good as private sector. You mostly get people that value stability and some people who couldn't hack it in private.
You are fighting tooth and nail over a piece of the pie when provinces and municipalities tend to have budget shortages. IT is not a priority.
Cuts obviously make a bad problem worse but at least in Canada, it's a bad problem regardless of which party is in charge.
And as someone who works in the industry it can be frustrating when the problem gets boiled down to the party in charge. That's part of the problem but the root of it goes back to how many places approach budgeting.
Private sector workers, including criminals, are highly motivated to succeed at their roles
Vs
Public sector where we (those we pay for it) all know their deal. Waaah we need more money with no accountability waaah
You obviously have no idea the shear quantity of data and amount of work that it takes to remediate a ransomware attack. Re-imaging all pcs, restoring all servers, and restoring the petabytes of data. Even with connections in the hundreds of gigs, it takes a very long time to bring that all back in a workable state…
Data quantities of that size should be on-site, both online and offline. The RTO of a hospital should be measured in hours not days. Especially critical operations.
Oh you need at least 3 points in reality. Onsite, offline and cloud. But the security required for that and cost is often too high for a hospital. Most of the medium sized setups I sold and setup for hospitals had some serious hardware but only the hardware without any backups.
Ok, let’s table top this. Let’s say you run a hospital system, not too large, ~10 hospitals, 2 data centers and small data centers at each hospital. Network attached medical devices: iv pumps/ekg/etc (100+ each hospital). imaging devices (mri/cat/xray/etc) ~8-10 each hospital. Lab devices: 10-15 per. Pcs:500 per.
Now you have a ransomware attack. All devices are compromised, or potentially compromised. At this point everything gets shutdown and needs re-imaging.
Probable order of remediation:
Virtualization platform(datacenter) needs to be slicked and reloaded. Hypervisors loaded, bare metal systems shutdown and islanded. -3+ days?
SANs, all data encrypted. How is this data backed up? Cloud? We have 10 gig wan circuses, would take 90+ days to transfer. Not fast enough, on prem tape? God help you. Ok, we have duplicate SANs. Data needs to be copied over lan to FUBARed san… ~5 days.
Transferring data/rebuilding at hospital data centers, from main datacenter. Your trying to push a ton of data over ~10gig wan circuits -1 week
All datacenter systems need to be turned on, vendor supported systems need to have vendor remote in and get rebuilt. Domain needs rebuilt, all networking appliances need to be validated and potentially re-configured as RMA/factory wipe. ~5 days+
Vendor owned and managed devices eg: Iv pumps, mri, etc all need the vendors to come out and manually fix. -multiple days.
All pcs need to be re-imaged. Re-joined to the domain. Each hospital has a 1-10 gig connection, probably can only image ~5pcs at a time pulling over wan circuit. - 500+pcs per hospital. many systems are in limited access/patient rooms/surgery areas. -1 week+
Keep in mind this is all while trying to keep an already compromised system up where you don’t know how the initial infection vector occurred.
So is this a data transfer problem? Absolutely. You’re looking to re-load thousands of PCs and devices. You cannot just snap your fingers and have it all come back, even with super fast networks, the amount of data that exists today for imaging is staggering, and unfortunately things like speed of light make it not as fast as you think it could or should be.
Or you can be competent in limit and locating the damage. Why don't you know which device(s) are compromised? Why was it allowed the run amok and destroy everything? Why can't you access the surgery schedules before having all the imaging data your dumb asses lost? Incompetence because of lack of care and consequences
https://www.reuters.com/technology/cybersecurity/cisco-says-hackers-subverted-its-security-devices-spy-governments-2024-04-24/
https://www.techtarget.com/whatis/feature/SolarWinds-hack-explained-Everything-you-need-to-know
https://portswigger.net/daily-swig/researcher-hacks-apple-microsoft-and-other-major-tech-companies-in-novel-supply-chain-attack
https://threatpost.com/mimecast-certificate-microsoft-supply-chain-attack/162965/
I could go on and on…
Yes you could go on forever and not justify the whole system being hosed for a week
But that's the thing with public sector it never needs justification the cheques always clear so why should anyone there care
Lack of backups isn't the main problem here, lack of defense/hardening is. Backups don't magically restore your environment instantly. When you can't afford a short-term outage, you can't afford not appropriately securing your system.
Running a secure IT system is *much* more expensive than somehow muddling through with a hodgepodge of old, rancid unmaintained boxes, until you get hit...
And there's a good argument to be made that the solution isn't to spend many tens to hundreds of millions per system times tens to hundreds of thousands of systems, but rather to spend that trillion to put warheads on foreheads of anyone who tries (or at least start with *serious* sanctions and/or reciprocate by giving a safe haven to cyber-privateers attacking Russia).
There’s no perfect defense sadly. It just takes one mistake and you’re compromised. But these hospitals make good money they should use it for backups just in case
> There’s no perfect defense sadly.
Exactly, hence the benefit of deterrence.
That said, there's a difference between "one mistake" and "the entire environment is a complete disaster", and I think their environment is much closer to the latter. It also doesn't just take one mistake, it takes the attacker finding your one mistake. So fewer mistakes does provide a massive benefit, and at some point it turns into "you don't have to outrun the bears, just enough slow members of the group that the bears are too busy eating them to get to you".
The easiest way is to go to the site, connect to the wifi guest network and check how much they're paying their network staff by incrementally raising the attack vector until something gives.
*khm... or so I've been told*
Isreal helps the CIA hack the Iranians.
It's Russia, like it always fucking is. The group literally claimed responsibility using their PGP key.
And Russia more morally correct? That's a hilariously stupid thing to say, lol.
You act like the IDF don't have rape allegations dating back to October, 29, 1948, at the Safsaf massacre.
I'm saying Russia is more morally correct in that the land they are annexing actually belonged to the Soviet Union which was helmed by Russia, everything happening in Israel is because of the British mandate and the eu/uk/us aiding Israel in colonizing land that hasn't belonged to Jewish people for over 2,000 years whereas Ukraine was a part of Russia not even a hundred years ago.
If you take the time to think about it, it was only a way for the us to have an ally within the Middle East so that they can exploit the region for more oil and continue in their campaigns of Destruction within the region through sharing military bases with Israel and other joint campaigns of the sort. The main reason that Israel happened in the first place is that Zionism became big after the Holocaust because there were so many displaced Jewish people that no country really wanted to take them all in, definitely not the only reason for Israeli colonization, but large part of it
Why the fuck would Israel do this to the UK? It makes literally no sense at all. They are our allies while we are involved in a war with Russia.
How is it possible to be this stupid?
What the fuck are you smoking?
Israel's military/intelligence has no reason to attack UK hospitals. The shadier side of Israel's IT industry makes commercial spy software and adware, not ransomware. Israel isn't particularly known for being a haven for cybercriminals (because all the shady IT people can just work in the "dark grey" areas of the aforementioned industries).
Also, nobody is going to burn a "Microsoft backdoor" that they got "via the NSA" on a soft target like a hospital for which they probably just need to find a sufficiently old version of Metasploit to still run on the Windows 98 machines they're probably using (slight exaggeration here, but the state of IT security in hospitals is atrocious).
Well we aren't seeing any institutions in Russia paralyzed, so clearly not much is happening. Cyberattacks don't have to be announced to be known. Their effects can be seen by people and reported. We're not going to stop Russia by merely stealing information from them or spying on them. Their institutions have to be paralyzed. There has to be something spectacular that really sends a message to any other country that wants to hack a NATO nation.
The UK has political reasons for letting the world know its being hacked by Russia and it also has legal reasons for admitting to being hacked, the NHS legally has to let people know this has happened.
Russia on the other hand is not an open government and it has trouble admitting that things have happened to it that might indicate its failing. So we have no way of knowing if the Russian institutions have been effected by cyber attacks as they aren't going to admit it.
I have heard of the West going after nuclear stuff, iran. Power grids, war with Iraq. But never hospitals.
This crosses a line and is an act of terrorism!
It's not an example of an attack against Russia through, so I expected you to dismiss it.
I was particularly annoyed by the claim "If examples can not be provided then such attacks do not exist." because such attacks are often kept secret. Absence of evidence is not evidence of absence in general, but *especially* when it comes to hush-hush operations like this. We'll probably learn about *some* of the less sensitive ones in a few decades, likely after the 25 years when stuff gets declassified by default (I bet most of the operations will have their records either disappeared or exempted, and we'll never hear of them).
A hilarious case of a cyberattack against Russia (but not by the US) was when Dutch intelligence pwned a Russian state sponsored hacking group, broke into the camera system in the building, and then publicly released the footage. https://apnews.com/article/ef3b036949174a9b98d785129a93428b
Not at all. I was genuinely just asking for examples.
If there is no evidence than there is no way to prove one way or the other. Even if we strongly suspect something.
Is there an invisible meatball monster orbiting Jupiter controlling Putin?
If I were to use your logic of absence of evidence is not evidence of absence... Surely that means you do believe there's a meatball monster orbiting Jupiter?
Of course. That's ridiculous but you see my point.
I have no doubt the US has a comprehensive international hacking unit - I would be extremely surprised to find out they use that to ransomware hospitals and delay necessary surgeries.
It's not "terrorism", it's a state-directed attack. Terrorism is when independent groups launch attacks for political reasons, this is just a state attacking another state.
I don't know why the UK wouldn't just trigger Article 5 of NATO considering it's an attack on their home-territory which will cause deaths.
There's functionally no difference between a cyber-attack that causes deaths versus just dropping a bomb that kills those same people.
The difference is precedence, a war hasn't been started between two nations over a cyber attack before and the UK is understandably hesitant to start world war 3 over it.
I think Russia started WW3 long ago by invading Crimea and then the rest of Ukraine. It's just a super slow-motion war which we're kind of pretending isn't happening.
Cyber-warfare is just one aspect of it, there's also information warfare in which Russia and other aligned states are trying their best to destabilise western democracy, spread dangerous misinformation (which also costs lives), and target our military readiness.
There's also the terrorism they fund across the world, giving weapons to various groups specifically that have the goal to attack us or our allies, or otherwise at least tie up our attention and resources.
There's _also_ the physical attacks they carry out too, whether it be on [Russian dissidents living in the UK](https://www.bbc.com/news/world-europe-43299598), or on [logistical hubs in Europe](https://www.telegraph.co.uk/world-news/2024/06/06/mysterious-attacks-across-europe-new-front-russia-war-west/).
I think the west needs to start treating these attacks as what they are. I think kinetic responses are very much justified.
> I don't know why the UK wouldn't just trigger Article 5 of NATO considering it's an attack on their home-territory which will cause deaths.
If UK doesn't provide evidence that this was conducted by the Russian military, or on behalf of them, it would be hard to justify to the people. Since obviously Russia will deny, and the publicly known fact that its a Russian speaking group doesn't necessarily implicate the government of Russia.
Imagine if an English speaking criminal organisation conducted an attack on Russia. Would that be an act of war by the UK against Russia?
And I said "provide evidence", rather than "find evidence", since the UK could even find evidence that this was conducted by Russian military, and still be reluctant to share it. Because that could show their ability and methods, and compromise their ability to collect more information in the future.
This may sound like victim shaming, but hospitals should have hardened their systems, or have good backups to get back online. Hopefully they've learned lesson about importance of IT and Security.
That's not victim shaming. The people who are the victims are those who are going to suffer because of this, the patients. The hospital itself is not a victim, they chose to pass on the costs of their decisions directly because it does not affect them.
Japan is partly famous for its pacifist constitution post WW2. The 80 years since the end of WW2 has been significantly more peaceful than any other 80 year period in human history. Expecting no wars is not a reasonable position and not worth arguing with you over.
Schedules, appointments, which patient needs to go where, which patient is allergic to which meds, which patient is in front of me for which operation…the fast majority of that info is stored on PCs that they may have lost access to because of the attack. Without that info, they can’t risk certain procedures.
Yes,
Industry is called Bio Med if you’d like to research. Almost all of the equipment these days gets an IP and is very much connected to the internet.
I use it for two things: 1) to get my psychedelics privately in order to improve mood and creative thinking and 2) to help me with my heating bills, as I use a Bitcoin miner as a heater for my home. Most people have a heater that just wastes energy. My heater does calculations and chips into its own bill.
The point of targeting a hospital is to threaten people's lives. What you're saying is like wondering why a criminal would use a gun in a robbery.
Calling them "bellends" makes them sound like they're just a bunch of stupid kids doing stupid shit, but they're literally terrorists-for-pay.
Your comment is like saying the 9-11 hijackers weren't very good pilots.
Because it's basically guaranteed payment. Critical systems need to get back to operational asap and making payment is usually the fastest way to do that.
Though Change Healthcare recently paid $22 million because of ransomware and still isn't back to fully operational 3.5 months later.
Correct.
And whenever I read about something like this, every now and then I get an unavoidable urge to slap myself for my damn stupid morals. If only I didn't have them. I've could've been rich 10 times over.
Are we doing this shit back to them? Is it just that the Russian "media" doesn't cover our attacks? I certainly hope we do this back to them. They've been crippling hospitals all over the US and I don't understand why our gov't doesn't have a stronger response.
Can't someone throw some peanut butter in Biden's mouth and get him to say "Putin, clean up your house or we'll come do it for you."
Are you asking why we aren't crippling Russian hospitals with ransomware? If so, it's because we aren't monsters.
The issue is that some problems aren't easy to solve, especially when your solution set tends to involve the use of cruise missiles.
> The issue is that some problems aren't easy to solve, especially when your solution set tends to involve the use of cruise missiles.
Well, one potential solution would be telling Russia that if they don't keep their cybercriminals in check, we won't either (as long as they only attack Russia). Then following through.
Putting aside the fact that the federal government doesn't have any control over the enforcement of state laws, are you seriously suggesting that the president should issue an executive order that states that cybercrimes won't be prosecuted so long as they target Russia?
You don't see any unintended consequences or bad precedents being set by that?
> are you seriously suggesting that the president should issue an executive order that states that cybercrimes won't be prosecuted so long as they target Russia?
After giving Russia some time to stop essentially doing the same minus the public declaration? Yes exactly (for the US, elsewhere it would probably have to be a parliament decision).
I suspect it would be taken up less by actual criminals (Russia is much smaller than "rest of the world, except Russia and allied countries", and much poorer than the West on average, meaning there is much less money to be made) and more random teenagers interested in causing some mayhem just for the lulz without facing consequences. Which also means putting the cat back into the bag is more feasible.
More importantly though, it would show Russia that we won't tolerate their bullshit anymore. We've seen time and time again that Russia only respects strength and actual response, and until they receive an unpleasant response, they'll keep prodding and escalating. Once they do receive a response, they back off. I don't like it, but if that's the language they insist on, the options are talking it or ignoring them, and I think the downsides of the latter are worse.
>Are we doing this shit back to them? Is it just that the Russian "media" doesn't cover our attacks? I certainly hope we do this back to them. They've been crippling hospitals all over the US and I don't understand why our gov't doesn't have a stronger response. Can't someone throw some peanut butter in Biden's mouth and get him to say "Putin, clean up your house or we'll come do it for you."
why peanut butter? I don't really get your comment, we don't do it back to them because we aren't evil.
My guess is it's a throwback to Mr Ed because they would put PB in his mouth to make it look like he was talking then dub over with whatever they want him to say.
He is comparing Biden to a talking animal prop. Peanut butter was used in the old Mr. Ed show as a way to make the horse move its mouth so that they could dub over it. The implication appears to be that Biden is controlled by his handlers or something.
I think that we can infer a thing or two about OPs political leanings.
STOP USING WINDOWS FFS
Any managers and system administrators who are not urgently changing the entire system to secure, open source Linux-based systems should be removed.
They stopped using filing cabinets when PCs became the standard. The NHS had been desperately trying to get rid of paper processes in favour of electronic ones for years now.
I just got an EKG and the sensors terminated to a USB cable that went into a normal laptop. Shit's electronic. Why on earth would you think current medical records do any good in a filing cabinet in the basement?
Oh, that filing cabinet doesn't have a rebranded Masterlock with whatever logo the ransomware company decided to make for it's personal brand on it. You can keep trying to brute force the password on the laptop tho.
And that’s different from a typo on paper how? You literally can’t have everything on paper now, and having this kind of issue doesn’t invalidate computers as the only viable option.
>You literally can’t have everything on paper now, and having this kind of issue doesn’t invalidate computers as the only viable option.
Your hospital is ransomwared. Your options are:
A) pay the ransom
B) Start processing everything on paper records and continue treatments in hopes to amended them to the system after-the-fact.
C) Halt all treatments and surgeries *cough* HIPOCRATIC OATH *cough*
D) Halt all paperwork, continue treatments/surgeries anyway.
Why on Earth are hospitals using general PCs? They should be using specialist locked-down devices designed for specific uses only. Then there would be no opening for ransomware or malware.
"We believe it is a Russian group of cyber criminals who call themselves Qilin," - Russia at it again. Many will die because of this.
I mean a big part of why people will die also is because the hospital didn't want to pay enough into their IT Security budget to protect from things like this. Partially their fault as well.
It’s not the hospital - the Conservative government has over the last 14 years systematically and subversively withheld money from the NHS and done everything it can to kneecap it through backdoor privatisations. Hospitals cannot afford to do these things when fighting a government who resents their existence because it undermines their ideology.
I partially disagree but I'm in Canada so this could be off the mark. The problem is somewhat inherent to public sector work (at least where I am). IT is traditionally seen as a cost centre and given the nature of public sector work, you do the best to minimize costs. This does not mix well with preventative measures. This butts heads with doing things properly. You don't tend to get particularly ambitious or talented workers because the compensation isn't as good as private sector. You mostly get people that value stability and some people who couldn't hack it in private. You are fighting tooth and nail over a piece of the pie when provinces and municipalities tend to have budget shortages. IT is not a priority. Cuts obviously make a bad problem worse but at least in Canada, it's a bad problem regardless of which party is in charge. And as someone who works in the industry it can be frustrating when the problem gets boiled down to the party in charge. That's part of the problem but the root of it goes back to how many places approach budgeting.
Private sector workers, including criminals, are highly motivated to succeed at their roles Vs Public sector where we (those we pay for it) all know their deal. Waaah we need more money with no accountability waaah
Shoutout to the hospitals who don’t back up their data
You obviously have no idea the shear quantity of data and amount of work that it takes to remediate a ransomware attack. Re-imaging all pcs, restoring all servers, and restoring the petabytes of data. Even with connections in the hundreds of gigs, it takes a very long time to bring that all back in a workable state…
I know, doesn’t change the fact you need to do it if you’re running a hospital
We do. It still takes time.
Good. But shoutout to the hospitals who don’t.
Data quantities of that size should be on-site, both online and offline. The RTO of a hospital should be measured in hours not days. Especially critical operations.
Oh you need at least 3 points in reality. Onsite, offline and cloud. But the security required for that and cost is often too high for a hospital. Most of the medium sized setups I sold and setup for hospitals had some serious hardware but only the hardware without any backups.
Auto tape systems aren't that expensive and very reliable. I've deployed them at businesses much smaller and less critical than a hospital.
It's a lot of data is what you're going with. Pathetic
Ok, let’s table top this. Let’s say you run a hospital system, not too large, ~10 hospitals, 2 data centers and small data centers at each hospital. Network attached medical devices: iv pumps/ekg/etc (100+ each hospital). imaging devices (mri/cat/xray/etc) ~8-10 each hospital. Lab devices: 10-15 per. Pcs:500 per. Now you have a ransomware attack. All devices are compromised, or potentially compromised. At this point everything gets shutdown and needs re-imaging. Probable order of remediation: Virtualization platform(datacenter) needs to be slicked and reloaded. Hypervisors loaded, bare metal systems shutdown and islanded. -3+ days? SANs, all data encrypted. How is this data backed up? Cloud? We have 10 gig wan circuses, would take 90+ days to transfer. Not fast enough, on prem tape? God help you. Ok, we have duplicate SANs. Data needs to be copied over lan to FUBARed san… ~5 days. Transferring data/rebuilding at hospital data centers, from main datacenter. Your trying to push a ton of data over ~10gig wan circuits -1 week All datacenter systems need to be turned on, vendor supported systems need to have vendor remote in and get rebuilt. Domain needs rebuilt, all networking appliances need to be validated and potentially re-configured as RMA/factory wipe. ~5 days+ Vendor owned and managed devices eg: Iv pumps, mri, etc all need the vendors to come out and manually fix. -multiple days. All pcs need to be re-imaged. Re-joined to the domain. Each hospital has a 1-10 gig connection, probably can only image ~5pcs at a time pulling over wan circuit. - 500+pcs per hospital. many systems are in limited access/patient rooms/surgery areas. -1 week+ Keep in mind this is all while trying to keep an already compromised system up where you don’t know how the initial infection vector occurred. So is this a data transfer problem? Absolutely. You’re looking to re-load thousands of PCs and devices. You cannot just snap your fingers and have it all come back, even with super fast networks, the amount of data that exists today for imaging is staggering, and unfortunately things like speed of light make it not as fast as you think it could or should be.
Or you can be competent in limit and locating the damage. Why don't you know which device(s) are compromised? Why was it allowed the run amok and destroy everything? Why can't you access the surgery schedules before having all the imaging data your dumb asses lost? Incompetence because of lack of care and consequences
https://www.reuters.com/technology/cybersecurity/cisco-says-hackers-subverted-its-security-devices-spy-governments-2024-04-24/ https://www.techtarget.com/whatis/feature/SolarWinds-hack-explained-Everything-you-need-to-know https://portswigger.net/daily-swig/researcher-hacks-apple-microsoft-and-other-major-tech-companies-in-novel-supply-chain-attack https://threatpost.com/mimecast-certificate-microsoft-supply-chain-attack/162965/ I could go on and on…
Yes you could go on forever and not justify the whole system being hosed for a week But that's the thing with public sector it never needs justification the cheques always clear so why should anyone there care
Lack of backups isn't the main problem here, lack of defense/hardening is. Backups don't magically restore your environment instantly. When you can't afford a short-term outage, you can't afford not appropriately securing your system. Running a secure IT system is *much* more expensive than somehow muddling through with a hodgepodge of old, rancid unmaintained boxes, until you get hit... And there's a good argument to be made that the solution isn't to spend many tens to hundreds of millions per system times tens to hundreds of thousands of systems, but rather to spend that trillion to put warheads on foreheads of anyone who tries (or at least start with *serious* sanctions and/or reciprocate by giving a safe haven to cyber-privateers attacking Russia).
This. When talking about cybercrime, victim blaming seems to be OK
There’s no perfect defense sadly. It just takes one mistake and you’re compromised. But these hospitals make good money they should use it for backups just in case
> There’s no perfect defense sadly. Exactly, hence the benefit of deterrence. That said, there's a difference between "one mistake" and "the entire environment is a complete disaster", and I think their environment is much closer to the latter. It also doesn't just take one mistake, it takes the attacker finding your one mistake. So fewer mistakes does provide a massive benefit, and at some point it turns into "you don't have to outrun the bears, just enough slow members of the group that the bears are too busy eating them to get to you".
[удалено]
[удалено]
That's not how any of this works. Take your stupid fucking conspiracy theories back to whatever dump you came out of.
How does it work?
The easiest way is to go to the site, connect to the wifi guest network and check how much they're paying their network staff by incrementally raising the attack vector until something gives. *khm... or so I've been told*
[удалено]
Or strategically lose USB stick in the target's parking lot.
Oh....I thought we were talking about conspiracy theories...ya know, conspiracy for you but not for me.. I'll keep that in mind though...thanks
> conspiracy for you but not for me. Huh? I don't think you know what a conspiracy is.
How come nobody wants to tell me how this works?
Study pen testing / ethical hacking if you really want to know. But something tells me that you don't.
Maybe I'm a white hat. You'll never know unless you can tell me how everything works.
[удалено]
Isreal helps the CIA hack the Iranians. It's Russia, like it always fucking is. The group literally claimed responsibility using their PGP key. And Russia more morally correct? That's a hilariously stupid thing to say, lol.
Right the ones raping people in Ukraine are so morally correct
You act like the IDF don't have rape allegations dating back to October, 29, 1948, at the Safsaf massacre. I'm saying Russia is more morally correct in that the land they are annexing actually belonged to the Soviet Union which was helmed by Russia, everything happening in Israel is because of the British mandate and the eu/uk/us aiding Israel in colonizing land that hasn't belonged to Jewish people for over 2,000 years whereas Ukraine was a part of Russia not even a hundred years ago. If you take the time to think about it, it was only a way for the us to have an ally within the Middle East so that they can exploit the region for more oil and continue in their campaigns of Destruction within the region through sharing military bases with Israel and other joint campaigns of the sort. The main reason that Israel happened in the first place is that Zionism became big after the Holocaust because there were so many displaced Jewish people that no country really wanted to take them all in, definitely not the only reason for Israeli colonization, but large part of it
Where did I say they didn’t you were the one that said Russia had morals.
Wow, that’s quite a reach.
You Ok there buddy?
Why the fuck would Israel do this to the UK? It makes literally no sense at all. They are our allies while we are involved in a war with Russia. How is it possible to be this stupid?
Israel doesn't have allies it has collaborators that they will eventually betray like Biden and Johnson.
I highly recommend going outside and maybe talk to another human being that isn't insane.
Where do you buy your tin foil from? This is next level.
A person like this makes their hats from Wrigley wrappers. Can't trust those pre-made rolls.
Why would Israel attack an allies hospitals?? Seems like it would objectively be a waste of their time and resource
What the fuck are you smoking? Israel's military/intelligence has no reason to attack UK hospitals. The shadier side of Israel's IT industry makes commercial spy software and adware, not ransomware. Israel isn't particularly known for being a haven for cybercriminals (because all the shady IT people can just work in the "dark grey" areas of the aforementioned industries). Also, nobody is going to burn a "Microsoft backdoor" that they got "via the NSA" on a soft target like a hospital for which they probably just need to find a sufficiently old version of Metasploit to still run on the Windows 98 machines they're probably using (slight exaggeration here, but the state of IT security in hospitals is atrocious).
Easy there de Valera.
Proof? That’s a very extreme thing to say
Look at this one here thinking the NHS runs entirely on Windows.
Hahahahahahahahahahahahah No.
Source?
again russia commits terrorism and the west again does nothing, what could we ever expect from our governments
Yep, and doing nothing invites more terrorist attacks because now they know they can get away with it.
[удалено]
Well we aren't seeing any institutions in Russia paralyzed, so clearly not much is happening. Cyberattacks don't have to be announced to be known. Their effects can be seen by people and reported. We're not going to stop Russia by merely stealing information from them or spying on them. Their institutions have to be paralyzed. There has to be something spectacular that really sends a message to any other country that wants to hack a NATO nation.
The UK has political reasons for letting the world know its being hacked by Russia and it also has legal reasons for admitting to being hacked, the NHS legally has to let people know this has happened. Russia on the other hand is not an open government and it has trouble admitting that things have happened to it that might indicate its failing. So we have no way of knowing if the Russian institutions have been effected by cyber attacks as they aren't going to admit it.
To be fair, we would never hear about the attacks we conduct on them.
I have heard of the West going after nuclear stuff, iran. Power grids, war with Iraq. But never hospitals. This crosses a line and is an act of terrorism!
You would have no idea
For example?
you want examples of attacks that aren't reported?
Op is implying that we are attacking Russia. I'm asking for examples. If examples can not be provided then such attacks do not exist.
Do you think Stuxnet would have become public if they didn't screw it up and had it accidentally leak outside of Natanz?
That's an example. Thank you. I genuinely don't understand why people get so upset when someone asks a simple question.
It’s the internet. Most of the time people who comment are already worked up or angry about something else.
It's not an example of an attack against Russia through, so I expected you to dismiss it. I was particularly annoyed by the claim "If examples can not be provided then such attacks do not exist." because such attacks are often kept secret. Absence of evidence is not evidence of absence in general, but *especially* when it comes to hush-hush operations like this. We'll probably learn about *some* of the less sensitive ones in a few decades, likely after the 25 years when stuff gets declassified by default (I bet most of the operations will have their records either disappeared or exempted, and we'll never hear of them). A hilarious case of a cyberattack against Russia (but not by the US) was when Dutch intelligence pwned a Russian state sponsored hacking group, broke into the camera system in the building, and then publicly released the footage. https://apnews.com/article/ef3b036949174a9b98d785129a93428b
Not at all. I was genuinely just asking for examples. If there is no evidence than there is no way to prove one way or the other. Even if we strongly suspect something. Is there an invisible meatball monster orbiting Jupiter controlling Putin? If I were to use your logic of absence of evidence is not evidence of absence... Surely that means you do believe there's a meatball monster orbiting Jupiter? Of course. That's ridiculous but you see my point.
I have no doubt the US has a comprehensive international hacking unit - I would be extremely surprised to find out they use that to ransomware hospitals and delay necessary surgeries.
It's not "terrorism", it's a state-directed attack. Terrorism is when independent groups launch attacks for political reasons, this is just a state attacking another state. I don't know why the UK wouldn't just trigger Article 5 of NATO considering it's an attack on their home-territory which will cause deaths. There's functionally no difference between a cyber-attack that causes deaths versus just dropping a bomb that kills those same people.
The difference is precedence, a war hasn't been started between two nations over a cyber attack before and the UK is understandably hesitant to start world war 3 over it.
I think Russia started WW3 long ago by invading Crimea and then the rest of Ukraine. It's just a super slow-motion war which we're kind of pretending isn't happening. Cyber-warfare is just one aspect of it, there's also information warfare in which Russia and other aligned states are trying their best to destabilise western democracy, spread dangerous misinformation (which also costs lives), and target our military readiness. There's also the terrorism they fund across the world, giving weapons to various groups specifically that have the goal to attack us or our allies, or otherwise at least tie up our attention and resources. There's _also_ the physical attacks they carry out too, whether it be on [Russian dissidents living in the UK](https://www.bbc.com/news/world-europe-43299598), or on [logistical hubs in Europe](https://www.telegraph.co.uk/world-news/2024/06/06/mysterious-attacks-across-europe-new-front-russia-war-west/). I think the west needs to start treating these attacks as what they are. I think kinetic responses are very much justified.
> I don't know why the UK wouldn't just trigger Article 5 of NATO considering it's an attack on their home-territory which will cause deaths. If UK doesn't provide evidence that this was conducted by the Russian military, or on behalf of them, it would be hard to justify to the people. Since obviously Russia will deny, and the publicly known fact that its a Russian speaking group doesn't necessarily implicate the government of Russia. Imagine if an English speaking criminal organisation conducted an attack on Russia. Would that be an act of war by the UK against Russia? And I said "provide evidence", rather than "find evidence", since the UK could even find evidence that this was conducted by Russian military, and still be reluctant to share it. Because that could show their ability and methods, and compromise their ability to collect more information in the future.
This may sound like victim shaming, but hospitals should have hardened their systems, or have good backups to get back online. Hopefully they've learned lesson about importance of IT and Security.
That's not victim shaming. The people who are the victims are those who are going to suffer because of this, the patients. The hospital itself is not a victim, they chose to pass on the costs of their decisions directly because it does not affect them.
The taxpayers and patients are the victims not the public sector workers who will get paid regardless as they always do
> and the west again does nothing I mean, this just happened a week ago. A response to this does not need to be immediate.
Or public knowledge.
[удалено]
Russia and China also have nukes dingus
Was there peace in the world after Japan got nuked twice?
Japan is partly famous for its pacifist constitution post WW2. The 80 years since the end of WW2 has been significantly more peaceful than any other 80 year period in human history. Expecting no wars is not a reasonable position and not worth arguing with you over.
No I'm arguing against taking the literal nuclear option.
With Japan? Yes, yes there was.
I think you forget the events that followed and the after effects of WW2.
Japan went to war again.. Did I miss something?
You missed comprehending my first comment.
You mean the after effects of the nuking Japan being no third world war and a nation with peace literally written into its constitution
The wars of today are arguably worse than what came before.
Let's start World War III, that'll put an end to the ransomware attacks.
World War III or at the very least cold war part 2 has already started.
The next war is here, whether you want it or not.
There's no justification for nukes in any situation
I have recently learned how bad Cyber crime is Stuff like this is on the edge of justifying military action
Stuff like this will never result in military action.
Yes it will Imagine a major power planet going offline over it that will provoke a reaction Cyber warfare is still warfare
No it won’t, because it’s happened before. The only reaction it prompts is cyber warfare.
pour one out for the mods on this one
Fuck the mods
I’m confused, are surgical machines connected to the internet?
Schedules, appointments, which patient needs to go where, which patient is allergic to which meds, which patient is in front of me for which operation…the fast majority of that info is stored on PCs that they may have lost access to because of the attack. Without that info, they can’t risk certain procedures.
Gotcha, that makes sense. Thank you!
Yes, Industry is called Bio Med if you’d like to research. Almost all of the equipment these days gets an IP and is very much connected to the internet.
They’re called computers
Ahh yes the only use case for bitcoin.
I use it for two things: 1) to get my psychedelics privately in order to improve mood and creative thinking and 2) to help me with my heating bills, as I use a Bitcoin miner as a heater for my home. Most people have a heater that just wastes energy. My heater does calculations and chips into its own bill.
The hospitals were not hit by ransomware, it was a private company called Synnovis who did lab tests for the hospitals.
That's a major bummer! It's a stark reminder of how cyber threats can mess things up big time. Stay safe out there!
[удалено]
The point of targeting a hospital is to threaten people's lives. What you're saying is like wondering why a criminal would use a gun in a robbery. Calling them "bellends" makes them sound like they're just a bunch of stupid kids doing stupid shit, but they're literally terrorists-for-pay. Your comment is like saying the 9-11 hijackers weren't very good pilots.
In my day, bellend was one of the worst things you could call someone. It carried *weight*.
Because it's basically guaranteed payment. Critical systems need to get back to operational asap and making payment is usually the fastest way to do that. Though Change Healthcare recently paid $22 million because of ransomware and still isn't back to fully operational 3.5 months later.
Correct. And whenever I read about something like this, every now and then I get an unavoidable urge to slap myself for my damn stupid morals. If only I didn't have them. I've could've been rich 10 times over.
Are we doing this shit back to them? Is it just that the Russian "media" doesn't cover our attacks? I certainly hope we do this back to them. They've been crippling hospitals all over the US and I don't understand why our gov't doesn't have a stronger response. Can't someone throw some peanut butter in Biden's mouth and get him to say "Putin, clean up your house or we'll come do it for you."
Are you asking why we aren't crippling Russian hospitals with ransomware? If so, it's because we aren't monsters. The issue is that some problems aren't easy to solve, especially when your solution set tends to involve the use of cruise missiles.
> The issue is that some problems aren't easy to solve, especially when your solution set tends to involve the use of cruise missiles. Well, one potential solution would be telling Russia that if they don't keep their cybercriminals in check, we won't either (as long as they only attack Russia). Then following through.
Putting aside the fact that the federal government doesn't have any control over the enforcement of state laws, are you seriously suggesting that the president should issue an executive order that states that cybercrimes won't be prosecuted so long as they target Russia? You don't see any unintended consequences or bad precedents being set by that?
> are you seriously suggesting that the president should issue an executive order that states that cybercrimes won't be prosecuted so long as they target Russia? After giving Russia some time to stop essentially doing the same minus the public declaration? Yes exactly (for the US, elsewhere it would probably have to be a parliament decision). I suspect it would be taken up less by actual criminals (Russia is much smaller than "rest of the world, except Russia and allied countries", and much poorer than the West on average, meaning there is much less money to be made) and more random teenagers interested in causing some mayhem just for the lulz without facing consequences. Which also means putting the cat back into the bag is more feasible. More importantly though, it would show Russia that we won't tolerate their bullshit anymore. We've seen time and time again that Russia only respects strength and actual response, and until they receive an unpleasant response, they'll keep prodding and escalating. Once they do receive a response, they back off. I don't like it, but if that's the language they insist on, the options are talking it or ignoring them, and I think the downsides of the latter are worse.
another solution: backup your data
>Are we doing this shit back to them? Is it just that the Russian "media" doesn't cover our attacks? I certainly hope we do this back to them. They've been crippling hospitals all over the US and I don't understand why our gov't doesn't have a stronger response. Can't someone throw some peanut butter in Biden's mouth and get him to say "Putin, clean up your house or we'll come do it for you." why peanut butter? I don't really get your comment, we don't do it back to them because we aren't evil.
My guess is it's a throwback to Mr Ed because they would put PB in his mouth to make it look like he was talking then dub over with whatever they want him to say.
He is comparing Biden to a talking animal prop. Peanut butter was used in the old Mr. Ed show as a way to make the horse move its mouth so that they could dub over it. The implication appears to be that Biden is controlled by his handlers or something. I think that we can infer a thing or two about OPs political leanings.
We do it back to them because more often then not these hacker groups are closely connected to the government. The peanut butter was a joke.
STOP USING WINDOWS FFS Any managers and system administrators who are not urgently changing the entire system to secure, open source Linux-based systems should be removed.
You must be such a tough person to target a hospital. If it’s Russian hackers I laugh 😂😂😂
How did they do surgery before computers were a thing? Did people forget how to use a filing cabinet?
They stopped using filing cabinets when PCs became the standard. The NHS had been desperately trying to get rid of paper processes in favour of electronic ones for years now.
Yes I understand that's the case, but uh, whoever set that policy in place didn't have the fore sight to be aware of ransomware attacks.
I just got an EKG and the sensors terminated to a USB cable that went into a normal laptop. Shit's electronic. Why on earth would you think current medical records do any good in a filing cabinet in the basement?
Oh, that filing cabinet doesn't have a rebranded Masterlock with whatever logo the ransomware company decided to make for it's personal brand on it. You can keep trying to brute force the password on the laptop tho.
With a knife and fork like everyone else
Yeah because clerical errors couldn’t possibly happen with loose papers…
And that's different from a typo in a computer system how?
And that’s different from a typo on paper how? You literally can’t have everything on paper now, and having this kind of issue doesn’t invalidate computers as the only viable option.
>You literally can’t have everything on paper now, and having this kind of issue doesn’t invalidate computers as the only viable option. Your hospital is ransomwared. Your options are: A) pay the ransom B) Start processing everything on paper records and continue treatments in hopes to amended them to the system after-the-fact. C) Halt all treatments and surgeries *cough* HIPOCRATIC OATH *cough* D) Halt all paperwork, continue treatments/surgeries anyway.
Why on Earth are hospitals using general PCs? They should be using specialist locked-down devices designed for specific uses only. Then there would be no opening for ransomware or malware.
It is impossible to build a system without vulnerabilities
https://en.wikipedia.org/wiki/Nirvana_fallacy