Gotta paraphrase RiskyBiz on this one; release the hounds. This kind of attack should be treated with the same severity as if you went and drove a truck through the hospital's main transformers IRL; if you ransomware a hospital, you should be seriously concerned about ordnance coming through your front window
this post was submitted on 03 Feb 2024
120 points (99.2% liked)
Technology
73602 readers
3942 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Any cyber warfare should be.
It's one thing to snoop around some corporate website looking for bugs to extort. That's a crime. You shouldn't do it, if you get caught you should get a knock on your door from a police officer. They want to start by asking some questions.
It's a completely different thing to use those tactics on state infrastructure. That should be seen as an act of war. Your front door should be forcibly beaten down with a battering ram.
looking for bugs to extort
I sleep
Looking for bugs to responsibly disclose, ideally through a bug bounty program
REAL SHIT
To borrow another turn of phrase, warheads on foreheads
I'm not generally one who thinks digital shenanigans deserves a kenetic response, but these sorts of callous assholes definitely deserve a taste of freedom delivered straight to their door.
It's not "digital" when it literally kills people.
I’m happy to make an exception for someone attacking a children’s hospital.
What kind of loser (sh*thead) can do this and think that's okay.
This is also why you shouldn't pay the fuckers. It just encourages them to do it more.
That requires the people at the top to have the intelligence to hire a competent IT department and keep frequent enough back ups. This is a line of though most of American civilian leadership rejects outright. They see IT as nothing but a huge cost that can be cut at a moment's notice and then offshored to some third world country to "save money." A move which invariably costs them more money, but that's next quarter's problem.
This is the best summary I could come up with:
Ransomware gang LockBit is claiming responsibility for an attack on a Chicago children's hospital in an apparent deviation from its previous policy of not targeting nonprofits.
LockBit's intrusion began on December 18 but the hospital's internal investigation didn't conclude patient data was compromised until January 7.
"As part of Saint Anthony's ongoing commitment to data privacy, we are working to review existing policies and procedures and implement additional ones as needed.
Until then, all patients are advised to remain vigilant to identity or financial fraud attempts and sign up for a free year of credit monitoring.
We've been unable to get in touch with the spokesperson for the gang to ask about the attack and shift in approach, but the malware collectors at vx-underground were under the impression that LockBit was either ignorant to the fact Saint Anthony was a nonprofit, or simply didn't care.
Asked about the reasons for the attack, the gang reportedly responded by sending the hospital's financial disclosures, suggesting it either thought it was indeed a corporate entity or confused the meaning of "nonprofit" for an organization that generates zero revenue.
The original article contains 840 words, the summary contains 185 words. Saved 78%. I'm a bot and I'm open source!
But why can't we pretend they just threatened to kill the president or something, burn some 0-days to get their exact locations, and blow them all up at the same time using our huge force of drones we deploy all over the world anyway?
Next ransomware group would think much, much harder