Ransomware & HSE

gmisk · 17-05-2021 07:24PM

Larbre34 wrote: »

I think myself in these circumstances we should ask the question, what would Israel do?

This cyber attack on Ireland's most vulnerable people for attempted financial gain, is nothing less than an act of war, but with nobody obvious to target.

I'd like to see our agencies, working with Europol and bilaterally with other member States, chase these effers down and as the Mossad would, assassinate them.

Further, the EU governments should spare no effort to destroy cryptocurrency and everything to do with it.

That might give our Russian criminal friends the idea.

I would personally go with the opposite of what Israel would do.
Israel would probably lie, escalate and make a hash of things.
https://www.aljazeera.com/news/2021/5/15/silence-the-story-israeli-strike-on-media-offices-gaza-condemned

https://twitter.com/AP/status/1394260581201371146?s=19

Destroying cryptocurrency....lol....good luck

Do people know russian hackers were behind it? I don't think they do

Galwayguy35 · 17-05-2021 07:40PM

Larbre34 wrote: »

I think myself in these circumstances we should ask the question, what would Israel do?

This cyber attack on Ireland's most vulnerable people for attempted financial gain, is nothing less than an act of war, but with nobody obvious to target.

I'd like to see our agencies, working with Europol and bilaterally with other member States, chase these effers down and as the Mossad would, assassinate them.

Further, the EU governments should spare no effort to destroy cryptocurrency and everything to do with it.

That might give our Russian criminal friends the idea.

This is Ireland, we strike about as much fear in other countries as Barney the dinosaur.

The DayDream · 17-05-2021 07:42PM

Larbre34 wrote: »

I think myself in these circumstances we should ask the question, what would Israel do?

This cyber attack on Ireland's most vulnerable people for attempted financial gain, is nothing less than an act of war, but with nobody obvious to target.

I'd like to see our agencies, working with Europol and bilaterally with other member States, chase these effers down and as the Mossad would, assassinate them.

Further, the EU governments should spare no effort to destroy cryptocurrency and everything to do with it.

That might give our Russian criminal friends the idea.

Walter Mitty called he wants his secret life back

harmless · 17-05-2021 07:45PM

Larbre34 wrote: »

I think myself in these circumstances we should ask the question, what would Israel do?

Obviously they would use faked passports of nations they are on good terms with to infiltrate Russia and have the hackers assassinated.

MrMusician18 · 17-05-2021 07:47PM

gmisk wrote: »

I would personally go with the opposite of what Israel would do.
Israel would probably lie, escalate and make a hash of things.
https://www.aljazeera.com/news/2021/5/15/silence-the-story-israeli-strike-on-media-offices-gaza-condemned

https://twitter.com/AP/status/1394260581201371146?s=19

Destroying cryptocurrency....lol....good luck

Do people know russian hackers were behind it? I don't think they do

While Ireland won't cripple crypto, it's been on the radar of the G7 for some time. The recent criminal activity involving it hasn't done it's reputation any favours shall we say.

Larbre34 · 17-05-2021 07:50PM

Galwayguy35 wrote: »

This is Ireland, we strike about as much fear in other countries as Barney the dinosaur.

Quite so. But this is an international problem and one the EU should be dealing with as one.

An attack on one is an attack on all. These ***** should be chased to the ends of the Earth and destroyed.

Galwayguy35 · 17-05-2021 08:04PM

Larbre34 wrote: »

Quite so. But this is an international problem and one the EU should be dealing with as one.

An attack on one is an attack on all. These ***** should be chased to the ends of the Earth and destroyed.

With all the attacks going on in other countries the Government needs to answer why we haven't the most up to date systems already set up here in Ireland.

mcsean2163 · 17-05-2021 08:09PM

I have to say I've been really upset by this. I was working with HSE years ago and using Windows 7 and paying Microsoft to extend support so they wouldn't have to upgrade was crazy in my opinion.

I expect a competent 12 year old could have hacked the HSE.

Secondly, Taoiseach Martin saying the ransom wouldn't be paid was insane. They could have discretely paid a small amount and got some systems up and running. The hospitals are absolutely effed, patient's scans cannot be read properly etc. Let him gamble with his own life, (I expect he has zero children needing medical attention).

Thirdly, the rebuild is insane. If there was a proper backup system they would just format all the computers, instead they are talking about bringing them up one by and checking to see if there is a virus in them. That is mind bogglingly stupid.

We have brilliant doctors and nurses, literally the best in the world and a bureaucracy called the HSE full of grifters and do nothings that stifle anyone trying to work and destroy the brilliance of the core team.

I am so fed up with government.

Housing
HSE
Banking
Corporate tax

Whatever they do they seem to destroy.

There needs to be people fired all around the public service as the wasters are throttling the good. This latest disaster that will most likely result in lots of deaths of real people young and old is a bridge to far.

I'd even go to say that whoever decided to keep their infrastructure on Windows 7 should be imprisoned.

DessieJames · 17-05-2021 08:09PM

whippet wrote: »

Utter scutter …. How much do you think the HSE spent on cyber security ? How much should they have spent ? And if they spent it would it have avoided an attack?

Unless you know 100% the answers to these questions you are talking nonsense

Covid brought a swade of internet epidemiology experts … now this seems to have brought out the best of Facebook it security experts

touched a nerve have we, you sound as if you actually work for the HSE IT department you are getting that worked up

it doesnt take a genuius to work out that you need to spend a lot of money on cyber security in order to prevent a cyber attack, evidently the HSE didnt have the necessary cyber security protocols in place otherwise this would have been prevented.

So stop talking nonsense, im telling it as it is.

mcsean2163 · 17-05-2021 08:12PM

Larbre34 wrote: »

I think myself in these circumstances we should ask the question, what would Israel do?

This cyber attack on Ireland's most vulnerable people for attempted financial gain, is nothing less than an act of war, but with nobody obvious to target.

I'd like to see our agencies, working with Europol and bilaterally with other member States, chase these effers down and as the Mossad would, assassinate them.

Further, the EU governments should spare no effort to destroy cryptocurrency and everything to do with it.

That might give our Russian criminal friends the idea.

This

That might give our Russian criminal friends the idea.idea.

How do you know it's not a few teen-agers in Blackrock. The HSE was running Windows 7 across all their PC's. My mother in her eighties was talking about being safe because she was on windows 10. It just beggars belief.

It could be anyone anywhere.

Hurrache · 17-05-2021 08:14PM

mcsean2163 wrote: »

I have to say I've been really upset by this. I was working with HSE years ago and using Windows 7 and paying Microsoft to extend support so they wouldn't have to upgrade was crazy in my opinion.

I expect a competent 12 year old could have hacked the HSE.

Secondly, Taoiseach Martin saying the ransom wouldn't be paid was insane. They could have discretely paid a small amount and got some systems up and running. The hospitals are absolutely effed, patient's scans cannot be read properly etc. Let him gamble with his own life, (I expect he has zero children needing medical attention).

Thirdly, the rebuild is insane. If there was a proper backup system they would just format all the computers, instead they are talking about bringing them up one by and checking to see if there is a virus in them. That is mind bogglingly stupid.

We have brilliant doctors and nurses, literally the best in the world and a bureaucracy called the HSE full of grifters and do nothings that stifle anyone trying to work and destroy the brilliance of the core team.

I am so fed up with government.

Housing
HSE
Banking
Corporate tax

Whatever they do they seem to destroy.

There needs to be people fired all around the public service as the wasters are throttling the good. This latest disaster that will most likely result in lots of deaths of real people young and old is a bridge to far.

I'd even go to say that whoever decided to keep their infrastructure on Windows 7 should be imprisoned.

I don't think you worked in IT when there, while your rant is admirable, it's entirely off the mark as to what may be the cause, solution and fall out.

ineedeuro · 17-05-2021 08:15PM

Galwayguy35 wrote: »

This is Ireland, we strike about as much fear in other countries as Barney the dinosaur.

We are a neutral country. The whole point of a neutral country is we don't strike fear into anyone

17-05-2021 08:16PM

DessieJames wrote: »

touched a nerve have we, you sound as if you actually work for the HSE IT department you are getting that worked up it doesnt take a genuius to work out that you need to spend a lot of money on cyber security in order to prevent a cyber attack, evidently the HSE didnt have the necessary cyber security protocols in place otherwise this would have been prevented.

So stop talking nonsense, im telling it as it is.

You're not though. You didn't answer the question.

fly_agaric · 17-05-2021 08:23PM

Larbre34 wrote: »

I think myself in these circumstances we should ask the question, what would Israel do?

This cyber attack on Ireland's most vulnerable people for attempted financial gain, is nothing less than an act of war, but with nobody obvious to target.

I'd like to see our agencies, working with Europol and bilaterally with other member States, chase these effers down and as the Mossad would, assassinate them.

Further, the EU governments should spare no effort to destroy cryptocurrency and everything to do with it.

That might give our Russian criminal friends the idea.

A bit over the top maybe (?) Would settle for the powers that be (and probably the general public too) realising that you do need some level of defence for yourself & can't leave it all to others to do/take care of (EU/US/UK) under umbrella of a somewhat dodgy "neutrality" policy.

Security of computer systems/networks for the core govt. depts and public sector as well as presumably the Irish telecoms/broadband infrastructure itself against attack from other countries or criminals is part of that defense IMO. Whatever about IT problems in the HSE specifically that might have contributed here, am not sure that the whole area has been given enough attention/funding (??) so this event might be a wake up call of sorts.

DessieJames · 17-05-2021 08:30PM

Topgear on Dave wrote: »

You're not though. You didn't answer the question.

i am though, i have answer the questions.

imagine not having the necessary cyber security protiocols in place and this is the countrys health service we;re talking about here.

Reid should be sacked over this, he is the CEO and this happened on his watch, it's a major major embarrasment.

mcsean2163 · 17-05-2021 08:34PM

Hurrache wrote: »

I don't think you worked in IT when there, while your rant is admirable, it's entirely off the mark as to what may be the cause, solution and fall out.

I managed multiple servers across three continents for an IOT company, etc. We had daily attacks but were never breeched. Have a master's degree and over 20 years experience since graduating.

Running Windows 7 in 2021 to accommodate a few legacy programs is ludicrous and sums up the HSE approach.

I am so sick of public sector failures, we have an incredibly resourceful talent pool and a moribund public sector

hmmm · 17-05-2021 08:39PM

mcsean2163 wrote: »

Thirdly, the rebuild is insane. If there was a proper backup system they would just format all the computers, instead they are talking about bringing them up one by and checking to see if there is a virus in them. That is mind bogglingly stupid.

They have no choice whatever they do. You have to check every single system to make sure the malware is removed. You pay the ransom, you still have to check - these criminals might still be using those systems to extract information or even preparing for a round 2 of ransomware.

The only people to blame here are the gang which did this, and the governments which protect them. The only people. There are businesses, hospitals and governments all over the world getting hacked with sometimes devastating consequences.

mcsean2163 · 17-05-2021 08:43PM

fly_agaric wrote: »

A bit over the top maybe (?) Would settle for the powers that be (and probably the general public too) realising that you do need some level of defence for yourself & can't leave it all to others to do/take care of (EU/US/UK) under umbrella of a somewhat dodgy "neutrality" policy.

Security of computer systems/networks for the core govt. depts and public sector as well as presumably the Irish telecoms/broadband infrastructure itself against attack from other countries or criminals is part of that defense IMO. Whatever about IT problems in the HSE specifically that might have contributed here, am not sure that the whole area has been given enough attention/funding (??) so this event might be a wake up call of sorts.

No funding needed. A proper it policy and two good it people could secure and run the network.

The HSE develops nothing. Choosing and integrating the correct systems is all that is needed. Then a support desk to tell people to turn on and off their computers.

Solution: sign up with Microsoft Azure healthcare. That's half it and X millions per year saved. Instead they are using their own servers and these people (not all but a sizeable proportion), I'm sorry to say, shouldn't be let near patient data and hospital systems.

Turtwig · 17-05-2021 08:47PM

mcsean2163 wrote: »

No funding needed. A proper it policy and two good it people could secure and run the network.

The HSE develops nothing. Choosing and integrating the correct systems is all that is needed. Then a support desk to tell people to turn on and off their computers.

Solution: sign up with Microsoft Azure healthcare. That's half it and X millions per year saved. Instead they are using their own servers and these people (not all but a sizeable proportion), I'm sorry to say, shouldn't be let near patient data and hospital systems.

Two People?

If only it were that easy.

ixoy · 17-05-2021 08:49PM

mcsean2163 wrote: »

No funding needed. A proper it policy and two good it people could secure and run the network.

No they couldn't. It really isn't that easy, especially integrating a bunch of disparate networks.

Solution: sign up with Microsoft Azure healthcare. That's half it and X millions per year saved. Instead they are using their own servers and these people (not all but a sizeable proportion), I'm sorry to say, shouldn't be let near patient data and hospital systems.

"Put it in the cloud!" isn't always the solution. There's a lot of highly specialised software that is barely XP ready never mind cloud ready.

Obviously, the HSE - like many public and private sectors - could do with pumping more into their IT. But it really is not going to be a case of turning it off and on again or just clicking "Restore backup".

mcsean2163 · 17-05-2021 08:50PM

hmmm wrote: »

They have no choice whatever they do. You have to check every single system to make sure the malware is removed. You pay the ransom, you still have to check - these criminals might still be using those systems to extract information or even preparing for a round 2 of ransomware.

The only people to blame here are the gang which did this, and the governments which protect them. The only people. There are businesses, hospitals and governments all over the world getting hacked with sometimes devastating consequences.

If you lived on sheriff street would you leave your door open and bars of gold on your front window?

Format or dump the windows 7 computers. All terminals should be dumb and only interfacing with the systems meaning only the servers need to be reviewed.

This is a massive screw up by HSE and government IT. It's a national disgrace.

The approach taken is appalling. Talking about tracking down a group that could be anywhere using
an anonymous proxy server.

https://www.fossmint.com/free-proxy-for-anonymous-web-browsing/

gmisk · 17-05-2021 08:51PM

mcsean2163 wrote: »

No funding needed. A proper it policy and two good it people could secure and run the network.

The HSE develops nothing. Choosing and integrating the correct systems is all that is needed. Then a support desk to tell people to turn on and off their computers.

Solution: sign up with Microsoft Azure healthcare. That's half it and X millions per year saved. Instead they are using their own servers and these people (not all but a sizeable proportion), I'm sorry to say, shouldn't be let near patient data and hospital systems.

There is some absolute nonsense on this thread...but this takes the top prize...this part in particular...well done.

Hurrache · 17-05-2021 08:54PM

gmisk wrote: »

There is some absolute nonsense on this thread...but this takes the top prize...this part in particular...well done.

He didn't say what his masters is in, but it's looking less likely that it's in the area he's posting about.

HalfAndHalf · 17-05-2021 08:56PM

Hurrache wrote: »

He didn't say what his masters is in, but it's looking less likely that it's in the area he's posting about.

He meant he’s been to The Masters.....fore!!

hmmm · 17-05-2021 08:57PM

mcsean2163 wrote: »

Format or dump the windows 7 computers. All terminals should be dumb and only interfacing with the systems meaning only the servers need to be reviewed.

The approach taken is appalling. Talking about tracking down a group that could be anywhere using proxy

Ah will you stop.

ongarite · 17-05-2021 08:58PM

mcsean2163 wrote: »

No funding needed. A proper it policy and two good it people could secure and run the network.

The HSE develops nothing. Choosing and integrating the correct systems is all that is needed. Then a support desk to tell people to turn on and off their computers.

Solution: sign up with Microsoft Azure healthcare. That's half it and X millions per year saved. Instead they are using their own servers and these people (not all but a sizeable proportion), I'm sorry to say, shouldn't be let near patient data and hospital systems.

You haven't a notion what you are talking about.
Legacy software is a massive issue in all companies.
In my field, we only phased out IE11 this year for MS Edge browser.
We still have the need for old systems running WinNT and XP with legacy serial/parallel ports.

In fact, a small amount of systems/machines that make the most cutting edge CPU/GPUs are running WinNT right now.

fly_agaric · 17-05-2021 09:00PM

mcsean2163 wrote: »

No funding needed. A proper it policy and two good it people could secure and run the network.

The HSE develops nothing. Choosing and integrating the correct systems is all that is needed. Then a support desk to tell people to turn on and off their computers.

Solution: sign up with Microsoft Azure healthcare. That's half it and X millions per year saved. Instead they are using their own servers and these people (not all but a sizeable proportion), I'm sorry to say, shouldn't be let near patient data and hospital systems.

I think you may be oversimplifying (alot) there.

Anyway, wasn't really thinking about specifics of this particular episode or how HSE weaknesses may have contributed.

Just that idea of going after "Russia + criminals there"/"Crypto" etc. seemed fanciful and would settle for a greater awareness that some people out there do wish us harm.

Stuff like security of core networks/IT infrastructure, maybe even some abilities to attack-back against likes of these criminals is part of the country's defense (bit of a sore subject sometimes) + needs to be well funded and resourced even if we are "neutral" and "everybody loves Ireland" etc.

JibJabWibWab · 17-05-2021 09:03PM

gmisk wrote: »

Did the head of the HSE really say the ICT spend in HSE is 1/4 of what it would be in other countries?! I wonder where source is for that figure

He forgot to mention that he is the highest paid health administrator, in the whole world.

8,100 per week / 35,000 per month / 420,000 per year...

HalfAndHalf · 17-05-2021 09:03PM

mcsean2163 wrote: »

I managed multiple servers across three continents for an IOT company, etc. We had daily attacks but were never breeched.

Expand on multiple servers, this could be 1 per continent for all we know. And what management did you do, general admin, builds, patching, security?

Plus, managing servers is mainly irrelevant as it’s your perimeter and network security that’s more relevant other then OS patches (if providers actually give you them in time!

You’re firewalls are always being probed, any internet facing servers NAT address is openly available to the internet so scumbags will go poking at it to see if there’s any easy way in. You weren’t ‘attacked daily’, if you were your firewalls and/or web servers would be constantly falling over.

You can’t ever fully prevent infiltration from the Internet, the best you can do is make it more difficult than most others so the scumbags give up quickly and move on!

Damien360 · 17-05-2021 09:06PM

mcsean2163 wrote: »

I managed multiple servers across three continents for an IOT company, etc. We had daily attacks but were never breeched. Have a master's degree and over 20 years experience since graduating.

Running Windows 7 in 2021 to accommodate a few legacy programs is ludicrous and sums up the HSE approach.

I am so sick of public sector failures, we have an incredibly resourceful talent pool and a moribund public sector

My employer has equipment in the HSE running win7 and older. They are not connected to the web but are networked internally. The hardware connected is perfectly usable but the drivers don’t exist in win10 to bring that hardware along when upgrading. The hardware therefore becomes obsolete from a upgrade point of view. The replacement is expensive and they can’t justify replacing old but working hardware equipment on the basis of IT security. There is lots of equipment like that in the HSE. Why do selling companies do this ? Cost of training a field team to manage old equipment. Cost of repair of aged equipment climbs considerably as it ages. The cost of keeping stock of old parts and supply of same old tech from their suppliers. The New technology is actually considerably better but that is not a requirement for our customer in the HSE. They will buy for one purpose and one application. Once validated it won’t change to any new application. It will be used until it dies.

My dentist has a x-Ray machine on win98. Obsolete but working and she can’t justify change for the exact same reason.

Ransomware & HSE

Comments