Ransomware & HSE

HalfAndHalf

JibJabWibWab wrote: »

Tell me you are a HSE ICT worker, without saying you are a HSE ICT worker... :rolleyes:

"rooting for you" :rolleyes: :rolleyes:

Said like a true 1st or 2nd line analyst who clicks off at 17:30 and let’s the grown ups do the real work! LOL!

RogerThis

gmisk wrote: »

You are handing money to a criminal/criminals...and expect them to act honourably...what is the incentive for them to remove the ransomware and any other nasty pieces of code they have embedded in the systems?

People pay the ransom because they don't want to lose 100% or 50% of their company for 2% of their turnover. They pay it to get their data back or so they won't dump all the personal data on the dark web. Would you pay if it was your baby?
The criminals do act honourably, or else no one would pay.

JibJabWibWab

HalfAndHalf wrote: »

Said like a true 1st or 2nd line analyst who clicks off at 17:30 and let’s the grown ups do the real work! LOL!

Nah I'm a private sector, middle class, paye worker who pays for all the fcukups and waste of the public sector...

RogerThis

JibJabWibWab wrote: »

Nah I'm a private sector, middle class, paye worker who pays for all the fcukups and waste of the public sector...

You only pay your fair share like the rest of us.

gmisk

RogerThis wrote: »

People pay the ransom because they don't want to lose 100% or 50% of their company for 2% of their turnover. They pay it to get their data back or so they won't dump all the personal data on the dark web. Would you pay if it was your baby?
The criminals do act honourably, or else no one would pay.

Ah of course criminals, famed for acting honourably....

Some people pay because they are desperate or as you say weigh up the costs...it doesn't mean they necessarily get their data back, it doesn't mean their data isn't out in the world and it doesn't mean the hackers haven't left code in the systems which could possibly allow them back in....

JibJabWibWab

RogerThis wrote: »

You only pay your fair share like the rest of us.

Spoken like a true public sector leech...

Turtwig

HalfAndHalf wrote: »

Well this threads been ruined, can everyone stop feeding the troll please.

Nah it hasn't. Some of the posts have given me the biggest lift today.

HalfAndHalf

JibJabWibWab wrote: »

Nah I'm a private sector, middle class, paye worker who pays for all the fcukups and waste of the public sector...

I don’t really understand what being private sector has to do with not being 1st or 2nd line.....or is it that you don’t work in IT at all, yeah that’s probably it.

HalfAndHalf

Turtwig wrote: »

Nah it hasn't. Some of the posts have given me the biggest lift today.

Ha yeah this is true, but one or two are getting boring now, posting BS statements over and over and over. YAWN.

JibJabWibWab

HalfAndHalf wrote: »

I don’t really understand what being private sector has to do with not being 1st or 2nd line.....or is it that you don’t work in IT at all, yeah that’s probably it.

Oh so you're public sector too... noted...

RogerThis

gmisk wrote: »

Ah of course criminals, famed for acting honourably....

Some people pay because they are desperate or as you say weigh up the costs...it doesn't mean they necessarily get their data back, it doesn't mean their data isn't out in the world and it doesn't mean the hackers haven't left code in the systems which could possibly allow them back in....

Paying the ransom doesn't clean up the system. That will take HSE IT the next year or so.
It should stop them from releasing the sensitive data though.

JibJabWibWab

JibJabWibWab wrote: »

Spoken like a true public sector leech...

Spoken like a true gobsh1te.

And before you say that I'm public sector, nope private sector I.T. worker. Public sector can't match either salary, benefits or conditions.

gmisk

RogerThis wrote: »

Paying the ransom doesn't clean up the system. That will take HSE IT the next year or so.
It should stop them from releasing the sensitive data though.

Should it? Why?
For how long?
They will have the data...well a copy of it..and can do whatever they fancy with it is my point.

HalfAndHalf

JibJabWibWab wrote: »

Oh so you're public sector too... noted...

Hahahahhaa poor deflection! Very poor!

And no, I’m not thanks, I work over in the U.K. for a law firm, we’ve got lots of 1st and 2nd liners, I’ll get you an interview if you like......you won’t get the job but the trip will be great craic!

Blowfish

mcsean2163 wrote: »

No you don't. Instead of listening to engineering, you say upgrade in X days. You must be ready.

We still have the need for old systems running WinNT and XP with legacy serial/parallel ports.

No you don't. Upgrade. End of.

Sounds like you're in Intel. Machines running xp are a security vulnerability. If they are not networked/ throttled you should be ok but as an it professional you should simply say that they are not allowed and have to be upgraded. Keep the source code change the OS. Engineering will bitch and complain but escalate and get it done.

Escalate to whom exactly? The people that are under pressure from the politicians and public to reduce waste, increase number of beds, reduce wait time, build additional hospitals, provide services closer to users etc. etc. etc. You really think you are going to convince them to throw out perfectly functional equipment because it's not upgradeable?

RogerThis

gmisk wrote: »

Should it? Why?
For how long?
They will have the data...well a copy of it..and can do whatever they fancy with it is my point.

So if you look at a story like this:

https://www.theverge.com/2021/4/21/22396283/apple-schematics-leak-ransomware-quanta-supplier-leak

Someone paid the $50 million ransom the no more schematics got released.

Why would it be any different for the HSE?

Necro

JibJabWibWab don't post in this thread again

RogerThis

RogerThis wrote: »

Paying the ransom doesn't clean up the system. That will take HSE IT the next year or so.
It should stop them from releasing the sensitive data though.

As someone who had to pay a ransom and clean up a system some years ago.

I had a better support experience when engaging with the perpetrators than legit vendors.

Ubbquittious

Whats wrong with serial ports?

Great invention

gmisk

RogerThis wrote: »

So if you look at a story like this:

https://www.theverge.com/2021/4/21/22396283/apple-schematics-leak-ransomware-quanta-supplier-leak

Someone paid the $50 million ransom the no more schematics got released.

Why would it be any different for the HSE?

Yep that is one example where it worked out ok...it doesn't mean they all will, you are dealing with criminals and expect them all to behave honourably?

skimpydoo

Tow wrote: »

Would that insurance be the tax payers pocket or Axa insurance, who have also found them self in the same FUBAR as the HSE.

Axa because of the ransomware attack on their systems no longer offer ransomware insurance.

riclad

Many industrys including the hse have pcs running windows 7,or windows xp,because say you have device scanner, that costs 1 million euros that uses xp device drivers and old style cables , you dont throw it out cos it does not run on windows 10.
pcs can last over 10 years if they are well maintained.
the hse has 86,000 pcs ,these will all have to disconected from the network
And checked to remove malware .
i hope the hse has a good advanced backup system as they will likely have to restore patient data from backup drives .

Beasty

Deleted User wrote: »

A ransomware attack or a series of them could destroy a business and reduce its value to zero. Does boards.ie have this policy of banning such payments?

The size of this particular company would suggest it does not have specific policies on something like this.

I do think though that's pretty academic, as anything of that nature would probably destroy the site regardless.

The good news is though that I don't think there would be any money to go for here. It would involve effort and risk for a pretty much guaranteed zero return.

All this is without any private info about the "business" - I have seen the accounts (which are publicly available, although it's a year or two since I looked). The data anyone could get is very limited in most cases (email and IP addresses, with possible link to real name).

I don't think they could go after individual posters either - again the potential rewards versus risks would not warrant it).

harmless

riclad wrote: »

Many industrys including the hse have pcs running windows 7,or windows xp,because say you have device scanner, that costs 1 million euros that uses xp device drivers and old style cables , you dont throw it out cos it does not run on windows 10.
pcs can last over 10 years if they are well maintained.
the hse has 86,000 pcs ,these will all have to disconected from the network
And checked to remove malware .
i hope the hse has a good advanced backup system as they will likely have to restore patient data from backup drives .

What they seem to do is pay private companies to supply security support for operating systems that are no longer supported by Microsoft.
https://www.irishexaminer.com/news/arid-30974569.html

RogerThis

gmisk wrote: »

Yep that is one example where it worked out ok...it doesn't mean they all will, you are dealing with criminals and expect them all to behave honourably?

They are honourable so the next company will pay too.

Tow

Ubbquittious wrote: »

Whats wrong with serial ports?

Great invention

You cant beat RS232 for security :-) There has been some fancy state sponsored viruses released to attack equipment controlled by the humble serial port.

frozenfrozen

harmless wrote: »

What they seem to do is pay private companies to supply security support for operating systems that are no longer supported by Microsoft.
https://www.irishexaminer.com/news/arid-30974569.html

They pay Microsoft for extended support

TomOnBoard

There is a light wrote: »

Who are ya coddin wha!

Oh Cod, You eely need to do some sole searching and learn to know your plaice...

Cyberinsurance giant AXA hit by ransomware attack after saying it would stop covering ransom payments
https://grahamcluley.com/cyberinsurance-giant-axa-hit-by-ransomware-attack-after-saying-it-would-stop-covering-ransom-payments/

Wombatman

BREAKING NEWS: Lone Telecommunications Guru Migrates entire HSE IT Infrastructure to the Cloud in Six Months.