SoylentNews is people
SoylentNews
Arthur T Knackerbracket has found the following story:
A rash of ransomware attacks this week targeted hospitals in the U.S. and Australia. The cyberattacks froze the computer systems of several medical facilities, to the point where they needed to turn away new patients and even cancel surgery appointments.
A ransomware attack, reported on Tuesday, impacts the DCH Health System, a regional hospital and medical complex located in Alabama, and left three satellite hospitals turning away patients. A separate attack disclosed on Monday impacted several regional hospitals in Victoria, Australia. There is no indication that the ransomware attacks are connected.
The DCH Health System, which announced it was hit by ransomware on Tuesday, is a government subdivision that operates a community-owned healthcare system in Alabama, consisting of DCH Regional Medical Center, Northport Medical Center and Fayette Medical Center. These facilities are owned by the public, and the system is operated on behalf of the public by the DCH Health System board of directors.
The three regional hospitals, located in Tuscaloosa, Fayette and Northport, are "closed to all but the most critical new patients," according to a Tuesday release. The release said that cybercriminals are limiting the hospitals' abilities to use their computer systems in exchange for an "as-yet unknown payment."
"Our hospitals have implemented our emergency procedures to ensure safe and efficient operations in the event technology dependent on computers is not available," according to the release. "That said, we feel it is in the best interest of patient safety that DCH Regional Medical Center, Northport Medical Center and Fayette Medical Center are closed to all but the most critical new patients. Our staff is caring for the patients who are currently in the hospital, and we have no plans to transfer current patients."
The hospitals said that local ambulances have been instructed to take patients to other hospitals if at all possible. Patients who come to their emergency departments may be transferred to another hospital when they are stabilized, representatives stated.
No further information is currently available. Threatpost has reached out to DCH about how and when the attack started and which specific operations are impacted.
-- submitted from IRC
(Score: 1, Interesting) by Anonymous Coward on Wednesday October 02 2019, @11:53AM (12 children)
Offline backups seem safe but a pain to keep current.
Online backups spread across a cloud seem easy but a juicy target.
Securing your system seems an odds game at best. (Especially with some OS vendor's business plan.)
Is there anything that works for sure and is easy?
Any consensus on best practice?
(Score: 2) by Bot on Wednesday October 02 2019, @12:05PM (1 child)
No expert on the field but the first thing I would do to keep backup data safer and confidential would be to verify if the old trick of a one way eth cable still works ...
Account abandoned.
(Score: 0) by Anonymous Coward on Wednesday October 02 2019, @12:20PM
But an information diode in the Ethernet cable would have to point towards the backup server.
The bad guy could still send stuff in, but not know if he was successful.
If he had a backup server of his own to play with, how would that work?
(Score: 1) by fustakrakich on Wednesday October 02 2019, @03:05PM (8 children)
Is there anything that works for sure and is easy?
Yep, pen and paper. You don't even need electricity.
La politica e i criminali sono la stessa cosa..
(Score: 2) by HiThere on Wednesday October 02 2019, @08:23PM (5 children)
Pen and paper are rather slow for transmitting graphics images between hospitals.
OTOH, with ASCII and a standardized compression you could do it as finely as desired. The file type that comes to mind is XPM. You'd need a standardized compression method, but what would be decompressed would be a non-executable graphics image that many standard graphics programs could handle. There should be an equivalent with sound. (If not, there certainly could be.) Video has to be done via a succession of files in specified order that are each graphics images. (This isn't optimal in transmission size, but with a decent compression routine it would be close to optimal. I don't know of any software that handles generating videos from a dictionary of XPM files, but there's nothing very hard about it. You might need to add something into the XPM standard to specify how long the image was displayed, but that could be a comment as far as the standard XPM programs are concerned...and still just be ASCII (e.g. "dwell=30ms"). (Or it could even be noise displayed in the upper left hand corner.)
So non-executable ASCII should suffice. Nothing requiring anything powerful enough to either be a Turing Machine or to satisfy the requirements of Goedell's inconsistency.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 1) by fustakrakich on Wednesday October 02 2019, @08:29PM (4 children)
What, no fax machines? That's a little like throwing away the spare tire...
La politica e i criminali sono la stessa cosa..
(Score: 2) by HiThere on Wednesday October 02 2019, @09:15PM (3 children)
Fax machines have their uses...but they don't handle high density information gracefully.
Just imagine trying to show a false-color image of a pancreas at high detail so you can show which cells you suspect might be cancerous and why.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 1) by fustakrakich on Wednesday October 02 2019, @09:29PM (2 children)
You know it's only temporary until they get the machines back up, right?
But another thing. This ransomware shit has been happening for a long time. Time to demand budgeting for proper back up. We can't really nail them for negligence yet until we do.
La politica e i criminali sono la stessa cosa..
(Score: 2) by HiThere on Thursday October 03 2019, @06:28PM (1 child)
If it's only temporary, it's not a solution.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 1) by fustakrakich on Thursday October 03 2019, @07:04PM
That's right. The solution is back ups. But until then, fax will suffice in a pinch. Plan for the future without losing touch with present.
La politica e i criminali sono la stessa cosa..
(Score: 3, Funny) by Anonymous Coward on Wednesday October 02 2019, @08:56PM (1 child)
(Score: 1) by fustakrakich on Wednesday October 02 2019, @09:20PM
Heh, I suppose the theology department only needs a wing and a prayer...
La politica e i criminali sono la stessa cosa..
(Score: 2) by janrinok on Thursday October 03 2019, @07:22AM
Yes - get it off the internet! Build dedicated networks for data that should be protected.