• Prison Mike
    link
    fedilink
    English
    283 months ago

    I like the “ransomware scumbag” language but at the same time, it feels like companies only give a shit about security after an incident.

    • Buelldozer
      link
      fedilink
      English
      11
      edit-2
      3 months ago

      I dunno, with Healthcare the larger the organization the more serious they take it. A small practice may basically ignore it but by the time you get to be the size of UMC, the Hospital named in the article, they’re typically spending many millions of dollars annually on CyberSecurity.

      The problem is that they’re stuck playing defense. They have to get it right every time but the attackers only have to get lucky once. They could successfully repel 10,000 attempts Monday through Saturday but then on Sunday they only repel 9,999 'cuz Bored Bob the maintenance guy clicked a new zero-day in their email and now they’re in the news.

      • @[email protected]
        link
        fedilink
        English
        83 months ago

        This is an American hospital.

        You can’t justify the security costs on this quarter’s numbers, so we’re gonna have to fire the whole team except Scruffy who changes tapes on the new tape lib that nothing uses.

        They’re gonna outsource the management to some group in Estonia but Deloitte can’t get here to start planning the finances of the project to scope the work to manage the admin programme for another 6 months.

  • Kalkaline
    link
    fedilink
    English
    123 months ago

    Damn, that’s going to be like 3 emails and a cyber security video for me.

    • @njordomir
      link
      English
      103 months ago

      Yup, with a minimum completion time of 1 hour for the video training and the policies you have to read afterwards. Also remember not to click the super obvious phishing emails that obviously came straight from your own IT department. :D

  • @PostaL
    link
    English
    43 months ago

    Why would a hospital have to turn away ambulances if their computers don’t work? They have phones and radio…

    • @BURN
      link
      English
      43 months ago

      Generally these computer systems do access control, patient charting, intake management and most other critical functions, just like the rest of the world.

      Blood banks and controlled medicines are likely gated behind access controlled doors, and without either it could cause major impacts to the ability to save lives

    • @[email protected]
      link
      fedilink
      English
      33 months ago

      The workforce is too adapted to suddenly go back to doing everything on paper without making serious mistakes.

      That plus not being able to access data that may only be available digitally for the same reason

    • @[email protected]
      link
      fedilink
      English
      12 months ago

      I would assume if they were the ONLY hospital in Lubbock it would be different but it seems like there are plenty of other hospitals, albeit not level one trauma centers. I wonder if the area has “diversion” protocols already. The vast majority of patients transported by ambulances don’t need level one trauma centers so its probably more nothingburger than the article is making it out to be

  • asudox
    link
    fedilink
    English
    23 months ago

    That is why you don’t use such operating systems in criticial systems.