fritzelly wrote: » Should have stuck with exchanging a sheep for a new wife is all I'll say
Deleted User wrote: » I think this thread needs more mentions of laser eyes.
NomadicGray wrote: » I think it needs more reports for trolling
fvp4 wrote: » Surely criticism is allowed.
fvp4 wrote: » Surely criticism is allowed. If this keeps up all crypto will be legislated against.
degsie wrote: » Of course everybody brushes over the fact that the computer systems were somehow compromised in the first place.
[Deleted User] wrote: » I personally blame the hackers for this attack, but regardless crypto acolytes cannot ignore the enormously nefarious use case of money laundering. I can only speak for myself (and a lot of friends) but I got into crypto to buy drugs on the internet with bitcoin.
bankboucy wrote: » I'll take the test for you the highest probability of complete escape for criminals from prosecution is as follows: (1) Bitcoin (2) Cash (3) Bank Wire
Bitcoin clearly has a causation effect on increasing fraud, kidnapping, extortion, ransomware.......how could it not........
FFVII wrote: » Bottomless pit of tax payer money and the HSE couldn't keep their windows XP updated.
FFVII wrote: » Off the shelf ransomware that copies everything. If HSE don't pay then publish it all. What then? Time for top guy to go, job well done. 250,000 pension well earned.
AndrewJRenko wrote: » Why exactly would the 'top guy' go? It is effectively impossible to prevent a zero day exploit getting into your systems. All you can do is ensure that you can recover reasonably well.
pioneerpro wrote: » The issue here is not one of predicting and mitigating a novel exploit, but rather having appropriate high-availability failover and data redundancy plans suitable for a critical national body. Almost every SaaS industry has a requirement for things like 'Five 9s' uptime and automatic failover of critical core systems. That the health-service doesn't is an absolutely scathing indictment of its treatment of Healthcare IT as a cost-center over the last 20 years, rather than as the core provisioning service that it represents. In any case, this sort of non-targeted ransomware attack being anything other than a 'wipe and restore from last night's backup' is *always* the fault of: * Poor control and granularity of user permissions * Escalation of privilege above the use-case of the system * Lack of monitoring in file-handles * Lack of a network 'DMZ' to prevent the spread * Lack of battle-tested fail-over and backup/restore procedures In short, they done goofed.
AndrewJRenko wrote: » Congrats on your ability to diagnose the cause of a problem that the relevant teams are still stuck in the middle of.
pioneerpro wrote: » The relevant teams are doing after-the-fact mitigation of the catastrophic impact of exploiting a known attack vector, not exclusively diagnosing what happened. The reason they're doing this is because their existing processes weren't fit for purpose.
AndrewJRenko wrote: » What was the known attack vector used?
The categorisation was done in respect to the stages of ransomware deployment methods with a predictive model we developed called Randep. The stages are fingerprint, propagate, communicate, map, encrypt, lock, delete and threaten.