General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsSo, we are under cyberattack.
Focused on our hospitals. Who are the bad actors? The answer should define our response. If it's Russia, we are at war with this criminal operation. Need to vote Benedict Donald out of ofice.
See the great Dr. Rachael Maddow explaining it tonight.
cilla4progress
(24,731 posts)been reading about this in the news. The great reporters at Gaslit Nation and others.
Haven't watched MSNBC lately. Trying to remain sane in the runup.
May catch Maddow on your rec, tho.
dchill
(38,489 posts)PoindexterOglethorpe
(25,855 posts)What little I've read about this stuff has strongly said that the hospitals themselves are hugely at fault because they have really crappy security. The people running the hospitals don't understand that they need to pay for a strong firewall.
I'm not an IT person, so I can't assess that statement, but I'm willing to believe it's true.
OAITW r.2.0
(24,468 posts)Fuck them, and vote like you know it.
foo_fighter999
(86 posts)Sure, hospitals are huge targets for an obvious reason; patient data can easily be sold off or used for blackmail so it can be a rather nice payday for the hackers. But if they're not investing enough in security, they're certainly not alone. Big businesses often can't see the benefit of investing in cyber security either. Well, not until they get hacked anyway and then find out what it costs to recover from said hack. Along with the sheer dollar cost, there are a number of 'hidden' costs, not the least of which is the damage to their reputation which, when all is said and done, can end up being the most costly part of the intrusion. With all the hacks that have been in the news in the past few years, big businesses are starting to realize they need to invest in computer security but, by and large, many are way behind the curve on this.
But it's not just the big businesses that are at risk. More recently, hackers have been turning their attention to small and medium businesses. These tend to be easy targets as most of them can't afford any real type of computer security. As a result, they get hit with ransomware and either pony up the ransom or, sadly, go out of business.
Add to that the fact that modern-day hackers are much, much, MUCH more advanced than they were in the past and it's a recipe for disaster. The hacker only needs to be right once and they're in. And once they're in, they're pretty much free to do whatever they want. They can roam around your network, undetected, installing malware, exfiltrating data, or setting up a Command and Control server for later use. You name it, they can do it.
As for defending against intrusions, a firewall is just a small piece of the puzzle. Intrusion Prevention Systems, Intrusion Detection Systems, Web Application Firewalls, email scanners, endpoint security software (anti-malware, anti-spyware, host-based firewalls, etc) are but a few of the tools in a rather long list of what is needed to defend against modern computer security threats. Add to that the team of computer security experts required to put the tools in place, keep everything up-to-date, monitor for signs of possible intrusions or suspicious behavior, be on call 24/7 in order to respond security incidents, etc. and you can see where the costs can add up pretty quickly.
It's not trivial to protect computer infrastructure from the modern-day hacker groups. Not by any means. Even if you do all of the above and more and do everything right, all it takes is one careless user or a zero-day exploit and the hackers are in. And once that happens, all bets are off.
radius777
(3,635 posts)are inherently insecure, and were built that way. We're just too 'open' to hostile countries (and their hackers) who have nothing better to do than sit around and launch attacks. We're sitting ducks. Only our gov't and Big Tech can solve this.
Most attacks originate from outside the Western world (Russia, China, etc) who know they will not face legal consequences. If there was a way to blacklist traffic from those countries at the backbone level (even if coming through proxies) that would be a start.
Then we would only have to worry about attacks coming from within the Western world, but then they would face legal consequences.
GoCubsGo
(32,083 posts)The hospital in my town came under a ransomware attack a few weeks ago.
OAITW r.2.0
(24,468 posts)Attack Hospitals now. And then hit the election sysytem. Russia makes Trump President? Civil War starts....Putin wins.
Horse with no Name
(33,956 posts)radius777
(3,635 posts)that many IT people simply don't understand. The typical security (firewalls, passwords, anti-virus) won't stop it as it tends to get in via phishing emails and links that users click on. Training users, disabling all unnecessary services (to reduce the 'attack surface'), applying all patches and running anti-ransomware software - is the only way to defeat it.
Big Tech and our gov't should be doing much more, but we know they won't, so it's on IT departments and computer owners to take the proper steps.
MoonlitKnight
(1,584 posts)And the threat is constant and been going on for years.
In addition to layers of security, including ongoing education, good backups to an isolated source can defeat some ransom ware attacks.
They go after the easy targets, which include government and hospitals and businesses that think they can cut corners.
Horse with no Name
(33,956 posts)However, I think the hospitals are a cover and they will attack them first and then the election.
OAITW r.2.0
(24,468 posts)They are totally aware. The hits are on systems that aren't part of a hi-tech hospital consolidations/networks.
TwilightZone
(25,471 posts)Russia is just one of many countries who encourage this kind of thing.
OAITW r.2.0
(24,468 posts)Fuck up Hospitals + Elections = Maximum Chaos.
And if we find out that the attack came from Moscow......is this an act of war? I think so.
Hekate
(90,681 posts)Right now its hospitals; earlier on it was some business function & Microsoft dealt with it or tried to; and now election systems are implicated. Russia. It always leads back to Russia.
Our entire infrastructure is at risk, though they didnt mention that. How would you like all the traffic lights to go out? How about water and heat?
Obama and Biden were hard at taking care of this problem, then Trump was elected and opened the door wide.
Then Rachel moved on to Turkey & Erdogan, and how it was that Erdogan wanted Preet Bharara specifically to be fired, and lo and behold, he was.
I was trying to fix dinner while listening to Rachel and had the fan over the stove whooshing, so Ill catch her on the rerun later.
OAITW r.2.0
(24,468 posts)He is selling us out to Russia and with the most radical RW religious aspects of our society. No Sale.
albacore
(2,398 posts)He's got SO many balls to juggle, but at least he acknowledges that there is a problem... we ARE under attack.
trump ignores the cyberattacks like he ignores the virus.
I am NOT saying go to war... but don't we have cyber-warriors? If not, we better find them, and let the Space Force fade for a while.
OAITW r.2.0
(24,468 posts)We will be taking a sharp left with hardly no signage.
OAITW r.2.0
(24,468 posts)We need an Inner Space Force. Inner being Cyber.
coti
(4,612 posts)I wouldn't mind a few well-placed cruise missiles taking out the assholes responsible for this four years of hell in our country.
Klaralven
(7,510 posts)Part of the difficulty is technical because the internet was designed by many idealistic people.
Part of the difficulty is political because the US government has resisted implementation of strong cryptographic security in order to preserve the ability to read intercepted communications and data media.
Part of the difficulty is economic, because security requires expertise, diligence, extra work and expense.
On the other hand, continuous attacks means that we have continuous practice in countering and recovering from them.