Ransomware takes Hollywood hospital offline, $3.6M demanded by attackers

originally posted by: rigel4
a reply to: StoutBroux

Why oh why do large corps.. and every bugger else
still slave to Microsoft???

Listen .. it's crap ..buggy and very very insecure.

Use Linux .. security guaranteed!

Wow.

Less prone to malware? Generally more secure out of the box? Sure. Saying much more than that only demonstrates a dangerous abundance of hubris typical of the uninitiated.

a reply to: StoutBroux

ransomware is evil.

recently i had a friend that had to pay 750 in order to decrypt his files.

always have 3 copies of your data. Live data, backup and offline archived data.

Now you'll see that this hospital will have the right amount of data backup in the future.

The hospital should possibly consider this to be a fine for failing at basic security practices.

Non-essential systems should be firewalled, with current antivirus programs, with weekly offsite, immutable backups, restricted and proxied web-access, and no personal email access.

Essential systems should be subject to the same restrictions, but daily system backups, and automatic hourly backup of data.

Critical systems should be airgapped (as on a totally isolated network, or not networked at all), with all interfaces (USB, serial etc) sealed off, so users can't connect their own potentially infected devices to them. Medical systems that need to send test result data should do so in such a way that its one way only. They can send, but can't receive anything.

originally posted by: theantediluvian

originally posted by: rigel4
a reply to: StoutBroux

Why oh why do large corps.. and every bugger else
still slave to Microsoft???

Listen .. it's crap ..buggy and very very insecure.

Use Linux .. security guaranteed!

Wow.

Less prone to malware? Generally more secure out of the box? Sure. Saying much more than that only demonstrates a dangerous abundance of hubris typical of the uninitiated.

What? uninitiated in what?

bleh!

a reply to: mOjOm

Of course.....

The benefits of crippling a public hospital, forcing those into Insurance hospitals and further into debt.

Scheduled regular incremental disk imaging can get you out of a problem like this and not just 'ransomware' or virus attacks, a HDD can simply die at any time causing loss of all data. The problem is that people get complacent even if the right tools are available to enable a speedy recovery from disaster.

With an image, you can simply wipe the HDD or replace it and restore everything in a short time.

Guaranteed this was some IT-illiterate employee clicking a spam link or something. Stuff like this is exactly why a basic IS course should be a job requirement for anyone coming into contact with other people's data. I've got a hunch that most of the recent "hacks" where data was compromised weren't hacks at all, they were the result of some clueless user who shouldn't have access to anything more advanced than a word processor opening files from a Nigerian prince.

originally posted by: StoutBrouxSince this happened at UCLA hospital last year and peoples lives are on the line, I'm wondering why this isn't taken more seriously. After all, this is a form of terrorism that can hit close to home without a bomb or gunfire.

And we see once again, how completely helpless we are and the government isn't able to do a thing about this form of terrorism. This has gon on over a week and no end in sight.

Probably because the attackers are not in America so the response is limited. I would be for sending in a hit team to kill them if their location is found and their government won't cooperate.

Ok so no one uses backups anymore?

I have a server that backs up my home computers weekly. Even my phone. Plug it in, it backs up, backup goes to my PC. PC spits it onto the server via LAN. I have web connections blocked on the server. Im sure its not 100% secure but it works for me.

Why cant hospitals do this?

a reply to: ugie1028

A solid system can be set up fairly easily but leave it long enough without anything happening and it gets crippled because of cost, downtime, system slowdown etc etc. According to Murphy's Law, if things go wrong it'll be at the worst possible time.

It's simple enough to backup user created files and databases to an external drive but that ignores all the apps setup on the machine including the OS itself (all those disks and serials, activation codes required to be found in bottom of a drawer somewhere). That's where imaging shines, the entire system can be restored to an empty HDD in 1 short session without interaction and be working exactly as it all was prior to the crash or infection. The only things lost will be changes made since the last backup.