User Panel
Posted: 5/10/2024 6:57:13 PM EDT
So... who is next? Because hospital IT security is obviously a shit show.
https://www.wmar2news.com/local/ascension-one-of-the-largest-healthcare-systems-is-under-a-cyberattack 05/08/2024 BALTIMORE — Ascension, one of the largest private healthcare systems in the U.S., is experiencing a cyberattack. “At this time, we continue to investigate the situation," says Justin Blome, the director of marketing at Ascension Saint Agnes. "We responded immediately, initiated our investigation, and activated our remediation efforts.” He goes on to say that "clinical operations have been interrupted" and the staff at Saint Agnes is fully prepared for these types of scenarios. Ascension has tapped the shoulder of Mandiant, a cybersecurity firm, to help them play defense and fix the issue. Both companies are working together to ensure that no vital patient information has been compromised. Ascension says it will contact any person who may have been affected by the cyberattack. To prevent any collateral damage, the healthcare company has told all its major partners to temporarily disconnect from the Ascension system until the attack is over. 05/10/2024 Cyberattack forces major US health care network to divert ambulances from hospitals https://www.cnn.com/2024/05/10/tech/cyberattack-ascension-ambulances-hospitals/index.html A major US health care system said Thursday that it is diverting ambulances from “several” of its hospitals following a cyberattack this week. The cyberattack on Ascension, a St. Louis-based nonprofit network that includes 140 hospitals in 19 states, is also disrupting access to electronic health records, some phone systems and “various systems utilized to order certain tests, procedures and medications,” Ascension said in a statement distributed Thursday evening. The sprawling health care network, which also owns 40 senior living facilities, said that it would be using “downtime procedure for some time,” because of the cyberattack. Downtime procedures are typically when health providers revert to backup processes, including paper records, that allow them to care for patients when computers are down. Four sources briefed on the investigation told CNN that Ascension suffered a ransomware attack, in which cybercriminals typically try to lock computers and steal data for extortion. Those sources said that the type of ransomware used in the hack is known as Black Basta, which hackers have used repeatedly to attack health care organizations in recent years. Black Basta, also the name of a broad criminal group that uses the ransomware, includes Russian-speakers, according to the Department of Health and Human Services. On Friday, the Health Information Sharing and Analysis Center, a cyber threat sharing group for big health care providers worldwide, published an advisory warning that hackers using Black Basta ransomware have “recently accelerated attacks against the healthcare sector.” That includes at least two health care organizations in Europe and the US that in the last month have “suffered severe operational disruptions” because of Black Basta ransomware,” the advisory said, without naming the health care organizations. News of the hack of Ascension broke on Wednesday, and Ascension has in the last 24 hours followed a familiar playbook for many American organizations that have been assaulted by cybercriminals. Ascension has notified federal authorities of the incident, hired prominent US cybersecurity firm Mandiant to recover from the incident and shut down systems to try to keep the incident under control. Senior US officials have been in repeated contact with Ascension CEO Joseph Impicciche since the ransomware attack to understand how the hack might impact patient care, two sources familiar with the matter told CNN. “We are actively supporting our ministries as they continue to provide safe, patient care with established downtime protocols and procedures, in which our workforce is well trained,” Ascension said in its statement Thursday evening. It was not clear how many Ascension hospitals were sending ambulances to other locations because of the cyberattack. Ascension spokesperson Gene Ford did not respond to calls and emails seeking comment. It’s only the latest major hacking incident that has hobbled a big US health care network and sent US officials scrambling to offer support. A February ransomware attack on Change Healthcare, a subsidiary of health care giant UnitedHealth Group, caused billing disruptions at pharmacies across the US and threatened to put some health providers out of business. A third of Americans may have had their personal data swept up in the hack, UnitedHealth CEO Andrew Witty estimated in testimony to Congress this month. UnitedHealth paid a $22 million ransom to the cybercriminals to try to protect patient data, Witty said. That Change Healthcare hack incensed US lawmakers and prompted questions across the federal government about the vulnerability of America’s health care system to disruptive cyberattacks with cascading impacts — questions that the cyberattack on Ascension will do nothing to assuage. |
|
Heller II - Challenging DC's bans on semi-automatic rifles, large-capacity ammunition feeding devices, and its onerous and expensive handgun registration process. http://www.HellerFoundation.org/
|
A ransomware attack?
Mandiant are good people and will be able to give the company an idea of why their database was attacked. No backups? |
|
Celebrating the remains of the Second Amendment one Fine Firearm at a Time. It was better here before.
|
It was the source of much chatter in my system today.
|
|
Wanted: Bikini cover for old school Trijicon 1x24 Reflex sight. IM please.
|
My wife is at an Ascension hospital right now and their system has been down for the past 5 days.
My son was at U of M hospital in Ann Arbor today and he texted me that their system was down also. |
|
I support LGBTQ =Let's Get Biden To Quit.
|
Hmmm... I sense a career opportunity. Likely going to be some vacant ciso and cio positions soon...
|
|
|
We are getting their patients. They are on diversion.
|
|
Those who beat swords into plowshares usually end up plowing for those who don't. --Benjamin Franklin.
|
If only they hired a few more redundant vice presidents, this all could have been avoided.
|
|
|
Goddammit. I dint think theyre one of our customers.
So many massive enterprises cheap the fuck out on data security for critical shit. IM LOOKING AT YOU USAA….. not maintaining a pre-live environment. Then fucking up a cloned prod to test an upgrade but not disconnecting the two and fucking up a month of data |
|
|
lets just say ITS BEEN BRUTAL.
|
|
Somewhere in the middle of hardcore Conservative and Libertarian.
|
They need to go back to keeping your medical records in a filing cabinet.
|
|
Those who ignore history are doomed to repeat it.. |
Going to become more common with Change Healthcare paying the ransom earlier this year.
|
|
What is written is my opinion, and my opinion only.
|
I survived the cockpocalypse of 11/21/2012.
Bacon grease, the Muslim approved .mil lubricant. |
Those who ignore history are doomed to repeat it.. |
Yeah we shut down some tunnels yesterday because of this.
|
|
|
CIO = Career Is Over
CISO = Career Is So Over |
|
|
Why can't they pay the ransom and the world government track it and go scorched earth skull fucking on the hackers?
|
|
|
The hospital system I used to work for was hit in one of these attacks. Thankfully I missed the first week due to being on vacation for muzzleloader elk season.
These ransomware and scammer types should be hunted down and killed. Letters of marquee and reprisal for all! I'd be willing to go TDY to shoot some Nigerians, Indians, Chinamen, or whoever in the face. |
|
|
Their president deserves a 40% raise for recognizing they are under attack.
|
|
|
Originally Posted By klutz347: My wife is at an Ascension hospital right now and their system has been down for the past 5 days. My son was at U of M hospital in Ann Arbor today and he texted me that their system was down also. View Quote As a patient or working? If a patient if at all possible get her out now to somewhere that is operational! |
|
|
|
Heller II - Challenging DC's bans on semi-automatic rifles, large-capacity ammunition feeding devices, and its onerous and expensive handgun registration process. http://www.HellerFoundation.org/
|
|
|
|
St Francis in Tulsa got hit
haggled with the perps over the ransom. paid them, ended the attack FBI was pissed at them for negotiating with them without the FBI being involved and then paying the ransom. ARDENT got hit was down for 4-6 weeks. canceling surgeries, procedures..etc. I've put in 12 hours of OT in the past 3 days and have to go in tomorrow and possibly sunday. words cannot adequately explain the pile of shit this has caused where I work. |
|
Somewhere in the middle of hardcore Conservative and Libertarian.
|
I'm still dealing with repercussions from the Change Healthcare attack in February. Fucking huge pita.
|
|
A chance to cut is a chance to cure
Life Member: AR15.com, NRA, NYSRPA, SAF Team Ranstad VCDL Callsign: Sawbones |
Is this related to Ascension's decision to hire ~500 H1B workers over the past few years?
|
|
America did not become a superpower by working from home or from a cubicle.
- LurchAddams |
Somewhere in the middle of hardcore Conservative and Libertarian.
|
Originally Posted By OKnativeson: absolutely. their IT dept made me want to throw cats into lawnmowers some days. View Quote
|
|
America did not become a superpower by working from home or from a cubicle.
- LurchAddams |
Lack of nurses.
Doctors are owned by the AMA and CDC and hospital owners. Big pharma bribing and lying. Processed foods. Virtually no digital security. (Hippa LOL) Illegals flooding the system and not paying a dime. That is where we are. |
|
|
1. Ascension management decided to fire the Americans, and give control of their financial/medical systems to cheap Indian workers.
2. Now the Russian group (Black Basta) has hijacked Ascension systems from the Indians. 3. Most of Ascension's business operations have been shut down since Thursday. My only question is: why is anyone surprised about #2 and #3? |
|
America did not become a superpower by working from home or from a cubicle.
- LurchAddams |
Yet another healthcare system that cut every possible corner on their IT infrastructure, and is going to get fucked hard and proper as a result.
|
|
Abolish the FBI, ATF, and the NSA.
Any citizen accused of a crime is presumed innocent until bankrupted beyond all reasonable doubt. |
Was told by someone that works at one of there hospitals the younger nurses are lost because all they know is doing everything electronically.
|
|
|
Meh. UHS got hit a few years ago and we ran the hospitals without computers for almost a month. Big deal.
|
|
|
Originally Posted By LurchAddams: 1. Ascension management decided to fire the Americans, and give control of their financial/medical systems to cheap Indian workers. 2. Now the Russian group (Black Basta) has hijacked Ascension systems from the Indians. 3. Most of Ascension's business operations have been shut down since Thursday. My only question is: why is anyone surprised about #2 and #3? View Quote actually its more than just Ascension. its also business partners with integrated systems. it was all locked down on Wednesday. I've put in almost 60 hours so far. I would just like everyone to know that I have a 100% BeSafe rating at my facility on their own internal checks and balances/tests of my personal email use there. it wasn't me who let the team down. actually I always think its down with a Mole on the inside of the IT program. |
|
Somewhere in the middle of hardcore Conservative and Libertarian.
|
Originally Posted By SARS: As a patient or working? If a patient if at all possible get her out now to somewhere that is operational! View Quote thats what downtime forms are for. Its operational, just impacted. We're so tied into EMRs it just makes things more difficult/slower than usual. Definitely not anywhere close to ideal but able to function. |
|
They shall grow not old, as we that are left grow old:
Age shall not weary them, nor the years contemn. At the going down of the sun and in the morning We will remember them. |
They offshored their IT to India a few years ago. Surprise, surprise, surprise.
|
|
|
hearing this is never good
|
|
|
Originally Posted By Voland: Hmmm... I sense a career opportunity. Likely going to be some vacant ciso and cio positions soon... View Quote I don’t get anything when I google ciso, but this is their cio. https://about.ascension.org/en/our-work/ascension-technologies/gagan-singh Attached File |
|
|
Originally Posted By MHowski: I don’t get anything when I google ciso, but this is their cio. https://about.ascension.org/en/our-work/ascension-technologies/gagan-singh https://www.ar15.com/media/mediaFiles/473532/IMG_1907_jpeg-3212263.JPG View Quote View All Quotes View All Quotes Originally Posted By MHowski: Originally Posted By Voland: Hmmm... I sense a career opportunity. Likely going to be some vacant ciso and cio positions soon... I don’t get anything when I google ciso, but this is their cio. https://about.ascension.org/en/our-work/ascension-technologies/gagan-singh https://www.ar15.com/media/mediaFiles/473532/IMG_1907_jpeg-3212263.JPG Was it Mr. Singh who decided to outsource the IT department? Did they get replaced by Wipro? The aftermath of this (as J. Gallagher used to say) is gonna be fuck-n-funny. |
|
|
While my place has "downtime" procedures, I'll tell you...it's a spare tire at best. It ABSOLUTELY negatively impacts patient care on a widespread level. From lab, to radiology, to medical records. We went down for 2 days after a hurricane and were dealing with the repercussions for 6 months. Modern healthcare can't run without computers anymore than a huge airport can just "go paper".
|
|
|
Originally Posted By AnalogKid: Was it Mr. Singh who decided to outsource the IT department? Did they get replaced by Wipro? The aftermath of this (as J. Gallagher used to say) is gonna be fuck-n-funny. View Quote View All Quotes View All Quotes Originally Posted By AnalogKid: Originally Posted By MHowski: Originally Posted By Voland: Hmmm... I sense a career opportunity. Likely going to be some vacant ciso and cio positions soon... I don’t get anything when I google ciso, but this is their cio. https://about.ascension.org/en/our-work/ascension-technologies/gagan-singh https://www.ar15.com/media/mediaFiles/473532/IMG_1907_jpeg-3212263.JPG Was it Mr. Singh who decided to outsource the IT department? Did they get replaced by Wipro? The aftermath of this (as J. Gallagher used to say) is gonna be fuck-n-funny. Singh is replacing Gerry Lewis, who during his time as CIO oversaw layoffs and the outsourcing of tech support in Ascension’s technologies team. https://www.healthcaredive.com/news/ascension-current-chief-data-officer-new-cio-gagan-singh/624652/ |
|
|
Originally Posted By R3L04D: Change is not in good shape. They've been down for months View Quote View All Quotes View All Quotes Originally Posted By R3L04D: Originally Posted By exponentialpi: Going to become more common with Change Healthcare paying the ransom earlier this year. Shit happens when you fire your top third to bring in cheap H1B's to make the balance sheet better for the merger. Couple that with their DR being mostly theoretical and pie in the sky, to boot. Been tracking somewhat with some former co-workers, and all I can say is they get what they deserve, it's a shame they fucked everyone else with their money grab. |
|
|
Originally Posted By scoutfsu99: thats what downtime forms are for. Its operational, just impacted. We're so tied into EMRs it just makes things more difficult/slower than usual. Definitely not anywhere close to ideal but able to function. View Quote View All Quotes View All Quotes Originally Posted By scoutfsu99: Originally Posted By SARS: As a patient or working? If a patient if at all possible get her out now to somewhere that is operational! thats what downtime forms are for. Its operational, just impacted. We're so tied into EMRs it just makes things more difficult/slower than usual. Definitely not anywhere close to ideal but able to function. Nowhere I've ever worked is even remotely efficient during downtime. Important therapies and drugs are often delayed or missed. A lot of the downtime forms I've seen are horribly inefficient printouts of electronic forms that are nearly unreadable due to being long and awkward. Going into downtime isn't a shift back to when there was an efficient paper process. It's a total shit show. Difficult and slower is a big fucking deal when caring for critically ill patients. I'd like to see the leadership of these organizations that replace competent Americans with shitty third worlders to save a buck in the short term be punished appropriately. It won't happen of course. |
|
|
Originally Posted By SARS: Nowhere I've ever worked is even remotely efficient during downtime. Important therapies and drugs are often delayed or missed. A lot of the downtime forms I've seen are horribly inefficient printouts of electronic forms that are nearly unreadable due to being long and awkward. Going into downtime isn't a shift back to when there was an efficient paper process. It's a total shit show. Difficult and slower is a big fucking deal when caring for critically ill patients. I'd like to see the leadership of these organizations that replace competent Americans with shitty third worlders to save a buck in the short term be punished appropriately. It won't happen of course. View Quote View All Quotes View All Quotes Originally Posted By SARS: Originally Posted By scoutfsu99: Originally Posted By SARS: As a patient or working? If a patient if at all possible get her out now to somewhere that is operational! thats what downtime forms are for. Its operational, just impacted. We're so tied into EMRs it just makes things more difficult/slower than usual. Definitely not anywhere close to ideal but able to function. Nowhere I've ever worked is even remotely efficient during downtime. Important therapies and drugs are often delayed or missed. A lot of the downtime forms I've seen are horribly inefficient printouts of electronic forms that are nearly unreadable due to being long and awkward. Going into downtime isn't a shift back to when there was an efficient paper process. It's a total shit show. Difficult and slower is a big fucking deal when caring for critically ill patients. I'd like to see the leadership of these organizations that replace competent Americans with shitty third worlders to save a buck in the short term be punished appropriately. It won't happen of course. And that’s just for current operations. It’s impossible to look up most patient histories when the emr is down. Right now Ascension is telling their employees that systems will be down for the next two weeks. Anything elective is getting canceled and anything serious is getting diverted Originally Posted By klutz347: My wife is at an Ascension hospital right now and their system has been down for the past 5 days. My son was at U of M hospital in Ann Arbor today and he texted me that their system was down also. U of M downtime is unrelated. |
|
|
Originally Posted By MHowski: I don't get anything when I google ciso, but this is their cio. https://about.ascension.org/en/our-work/ascension-technologies/gagan-singh https://www.ar15.com/media/mediaFiles/473532/IMG_1907_jpeg-3212263.JPG View Quote US News ranked GNDU #1771 of 2000 international colleges. https://collegedunia.com/university/25784-guru-nanak-dev-university-gndu-amritsar/ranking |
|
America did not become a superpower by working from home or from a cubicle.
- LurchAddams |
Originally Posted By elmidgeto: Shit happens when you fire your top third to bring in cheap H1B's to make the balance sheet better for the merger. Couple that with their DR being mostly theoretical and pie in the sky, to boot. Been tracking somewhat with some former co-workers, and all I can say is they get what they deserve, it's a shame they fucked everyone else with their money grab. View Quote Ascension fired 650+ Americans in 2021, and replaced them with 500+ cheap H1B and Tech Mahindra contract workers. https://www.stltoday.com/news/local/business/ascension-technologies-to-lay-off-651-out-of-state-workers/article_85aae611-0845-5dca-89ee-ecb8603cb7e5.html In the last year or so, they replaced most of the Tech Mahindra workers with even cheaper Deloitte contract workers. Their next step will be to hire another cheap Indian company that sells them a plan for cleaning up this mess. |
|
America did not become a superpower by working from home or from a cubicle.
- LurchAddams |
Originally Posted By LurchAddams: Ascension's CIO has only a bachelor's degree from India's GNDU? LOL. US News ranked GNDU #1771 of 2000 international colleges. https://collegedunia.com/university/25784-guru-nanak-dev-university-gndu-amritsar/ranking View Quote having been an Ascension employee at one time, this should come as no surprise from that level of decision making. that company destroys good hospitals. I cannot adequately explain the difficulty of dealing with Ascension IT service and problem troubling shooting. the folks are the local hospitals are pretty good, but anything dealing with outside those parameters caused our life to be hell. |
|
Somewhere in the middle of hardcore Conservative and Libertarian.
|
|
That happened Thursday..... its been a shit show for them.
|
|
"Out of every one hundred men, ten shouldn't be there. Eighty are just targets. Nine are the real fighters, and we are glad to have them. For they make the battle. Ah! But THE one! The One is a WARRIOR, and he will bring the others home." -Heraclitus
|
Originally Posted By SARS: The hospital system I used to work for was hit in one of these attacks. Thankfully I missed the first week due to being on vacation for muzzleloader elk season. These ransomware and scammer types should be hunted down and killed. Letters of marquee and reprisal for all! I'd be willing to go TDY to shoot some Nigerians, Indians, Chinamen, or whoever in the face. View Quote https://www.justice.gov/opa/pr/us-charges-russian-national-developing-and-operating-lockbit-ransomware The U.S. Justice Department unsealed charges today against a Russian national for his alleged role as the creator, developer, and administrator of the LockBit ransomware group from its inception in September 2019 through the present. At times, LockBit was the most prolific ransomware group in the world. Khoroshev allegedly acted as the LockBit ransomware group’s developer and administrator from its inception in or around September 2019 through May 2024. Khoroshev and his affiliate coconspirators, grew LockBit into what was, at times, the most active and destructive ransomware variant in the world. The LockBit ransomware group attacked more than 2,500 victims in at least 120 countries, including 1,800 victims in the United States. LockBit victims included individuals, small businesses, multinational corporations, hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies. Khoroshev and his co-conspirators extracted at least $500 million in ransom payments from their victims and caused billions of dollars in broader losses, such as lost revenue, incident response, and recovery. n addition, as previously announced, law enforcement developed decryption capabilities that may enable hundreds of victims around the world to restore systems encrypted using the LockBit ransomware variant. Victims targeted by this malware are encouraged to contact the FBI at https://lockbitvictims.ic3.gov/ to enable law enforcement to determine whether affected systems can be successfully decrypted. |
|
|
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.