Spike in attempted cyberattacks on healthcare sector

Spike in attempted cyberattacks on healthcare sector

https://www.rte.ie/news/business/2023/0529/1386143-cyber-attacks/

This was on RTE news this morning. There are forces like Trickbot determined to replicate the largest ever health sector ransomeware attack that happened just over two years ago and caused unprecedented chaos in an already chaotic organisation. Some material being flogged off on the dark web for pittance. With the snowballing use of AI in cyberattacks, are our defences keeping up? I saw a curious post on LinkedIn that defied logic. A cybersecurity professional suggested that the good guys now have the upper hand because of AI, thankfully someone else has the sense the counter that by reminding poster that the bad guys have this at their disposal too.

the fact a few chaps with little more than a laptop and internet connection were able to cripple the HSE as they did it’s no wonder others are trying.

If not for the potential ransom money there would be plenty of kids with something to prove who’d do it for a rainy day activity

https://www.boards.ie/discussion/comment/120658383#Comment_120658383

It only takes a lidel laptop or lesser.

https://www.boards.ie/discussion/comment/120658383#Comment_120658383

Absolutely, I have learned “how to do it” as a retirement “hobby” (keeps my brain active) but wouldn’t do it. Just very interesting to explore how it is accomplished, all it takes is intent and not a ton of genius.

https://www.boards.ie/discussion/comment/120668265#Comment_120668265

yea it’s not very complicated provided you have at least a basic to intermediate understanding of computers

well, depending on what you’re trying to hack obviously. It’s going to be leaps and bounds easier to break into say, a Facebook account, than the pentagon right 😅

but from what I’ve read the HSE was as easy as that so.

https://www.boards.ie/discussion/comment/120668544#Comment_120668544

Heard exactly how a very busy staff member clicked on a link in a phishing email.

jmreire

https://www.boards.ie/discussion/comment/120668544#Comment_120668544

Sorry for butting in, and feel free to move, delete etc, as appropriate, But I do not know where else to post. Within 15 minutes this evening, I've been sent codes by Microsoft to reset my password 3 times. With the proviso that If I have not requested these codes, it's probably a mistake made by someone else, and no need to worry. But as Ernst Stavro Bloemfeld said in Goldfinger " " First time, Mr. Bond, its happenstance, 2nd time it's happenstance, but 3rd time Mr. Bond, its enemy action,"

Any advice would be welcome., Thanks.

Strumms

I think the law has to firm itself up to cope with this stuff…

it should be a mandatory significant custodial sentence for anyone fûcking with our healthcare, banking, criminal justice system or anything similarly as important to the wellbeing of the country and us citizens..

eightieschewbaccy

https://www.boards.ie/discussion/comment/121516204#Comment_121516204

Main piece of advice is, you need to make sure you have two step authentication on your important accounts. I tend to enable whenever available. Other part is ideally use a password manager to generate unique passwords. Recommendations would be onepass, keepass or bitwarden.(Avoid LastPass cause of poor rep) That's pretty much gonna keep you in a reasonably safe state. The attempt to reset indicates you probably weren't breached unless a suspicious ip logged in, could also be phishing mails.

BrianD3

The HSE is a badly managed shambles with over 100k employees, many of them are idiots who are not held accountable for their mess ups. There are over 500 deaths due to "adverse incidents" in HSE acute hospitals every year, how many staff are sacked? And this is the HSE's core work whereas IT, cybersecurity, data management etc. are regarded as support activities.

it doesn't matter how often staff receive cybersecurity training and are asked nicely not to compromise the security of the Irish public health service - with no financial consequences for idiocy, considerable numbers will still click on every link and attachment that they see and then enter usernames and passwords when prompted. If someone was a cybercriminal looking to cause chaos, the HSE would likely be near the top of their list of targets.

jmreire

https://www.boards.ie/discussion/comment/121516311#Comment_121516311

Yes, you are dead right there, and I have 2 step verification on bank accounts, credit cards etc. bit of a pain at times, but it's definitely worth it. I don't really mind the occasional Microsoft " here is the code you requested", but when you get 3 of them in the space of 15 mins or so, that's what worries me a bit. Microsoft offers to remember your passwords, but I do not even trust that. I keep them in a safe password protected folder on the computer itself. Thanks for your help.

28064212

https://www.boards.ie/discussion/comment/121516204#Comment_121516204

There's three likely possibilities:

1. Someone is deliberately trying to crack into your account
2. Someone is unintentionally usng your username to try to log into their own account
3. Someone is sending you fake emails hoping you'll click on a link to "reset" your password

(1.) is annoying, but not terribly concerning. If they're crap enough that you're getting warnings about it, they're just not very good. You should make sure you have a strong password (that isn't reused on other sites) and that you have MFA set up for your account.

(2.) happens more often than you think. There could well be a jmreire out there who thinks his username is example@outlook.com, when it's actually example@live.com, and they're trying desperately to reset the password.

(3.) is a pretty common attack. It's very difficult to verify that emails are actually coming from who they say they are. You should basically never click on a link in an email, or at least never enter in login details on the page that the link takes you to. If you need to reset your password, open a new browser tab, enter www.microsoft.com directly, and do it from there.

https://www.boards.ie/discussion/comment/121516204#Comment_121516204

Reset your password.

Contact Microsoft. Do not click any links in emails/texts. It may be a phishing scam it may be someone trying to break into your account.

ahnowbrowncow

Why would Spike do this?

jmreire

https://www.boards.ie/discussion/comment/121516401#Comment_121516401

Yes, the MS email specifically states that if it was not you trying to reset your password, just to ignore it as it may have been an innocent attempt by someone with a similar account name to mine. And that has happened in the past, a single mail but when you get 3 of them in the space of 15 mins or so... As for someone deliberately trying to hack into my account (which is looking extremely likely, would you say? ) what's the best thing to do ? I've already set the password change interval to 60 days.

jmreire

https://www.boards.ie/discussion/comment/121516407#Comment_121516407

Thanks Raichu, I'll do that. There's no links in the msg, it just gives you a single use code to reset your existing password. Nothing to click on, but you are right to be careful of the mails that do have clickable links, for sure!

28064212

https://www.boards.ie/discussion/comment/121516427#Comment_121516427

I wouldn't say it's extremely likely at all. I'd say any of the three possibilities I listed are as likely as each other. If you have a strong password that hasn't been used anywhere else, and MFA enabled, you don't need to do anything. For all you know, they've made a hundred thousand attempts to crack it, and are now spamming you with reset requests in the hope you change it to something that was in their list.

Oh, and regular password changes are not part of recommended guidelines any more. They're more likely to compromise security than enhance it. Set a strong, unique password, enable MFA, and then leave it alone

Most/many sites direct you to strong password authentication / keychain, but there’s a fair number of sites that do not.

jmreire

https://www.boards.ie/discussion/comment/121516451#Comment_121516451

The change your password regularly has done an about turn so, because it was the universal mantra in the past, "change your password regularly" and the IT department of the organization I worked for at one time, it was mandatory on their computers. Thanks again for your helpfull advice, which I'll take.

Hotblack Desiato

Yes that's because people were just doing 'password1' 'password2' etc. so it offered nothing extra in terms of security, just more hassle with forgotten passwords, and made it more likely people would write them down...