Originally Posted By SARS: Nowhere I've ever worked is even remotely efficient during downtime. Important therapies and drugs are often delayed or missed. A lot of the downtime forms I've seen are horribly inefficient printouts of electronic forms that are nearly unreadable due to being long and awkward. Going into downtime isn't a shift back to when there was an efficient paper process. It's a total shit show. Difficult and slower is a big fucking deal when caring for critically ill patients. I'd like to see the leadership of these organizations that replace competent Americans with shitty third worlders to save a buck in the short term be punished appropriately. It won't happen of course.
spot on. it's a legitimate nightmare. patient care is completely jeopardized. without a doubt people will die and/or be incapacitated in some way from the situation. we broke all 4 heavy duty system copiers on friday making triplicate copies for lab reporting. stalled everything. when you run critically low staffed personnel levels with all systems operating correctly, downtime takes 4-6X people or even more. there is no one to handle it. even if it were all corrected and we were back up running monday or tuesday, it would take a month for all results to be entered into the LIS system. I could go into further details of the situation on my end, but I think I would be in a very gray area with Corporate. the situation is critical.
|
Somewhere in the middle of hardcore Conservative and Libertarian.
|
Somewhere in the middle of hardcore Conservative and Libertarian.
|
Originally Posted By PacNW5: https://www.justice.gov/opa/pr/us-charges-russian-national-developing-and-operating-lockbit-ransomware The U.S. Justice Department unsealed charges today against a Russian national for his alleged role as the creator, developer, and administrator of the LockBit ransomware group from its inception in September 2019 through the present. At times, LockBit was the most prolific ransomware group in the world. Khoroshev allegedly acted as the LockBit ransomware group’s developer and administrator from its inception in or around September 2019 through May 2024. Khoroshev and his affiliate coconspirators, grew LockBit into what was, at times, the most active and destructive ransomware variant in the world. The LockBit ransomware group attacked more than 2,500 victims in at least 120 countries, including 1,800 victims in the United States. LockBit victims included individuals, small businesses, multinational corporations, hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies. Khoroshev and his co-conspirators extracted at least $500 million in ransom payments from their victims and caused billions of dollars in broader losses, such as lost revenue, incident response, and recovery. In addition, as previously announced, law enforcement developed decryption capabilities that may enable hundreds of victims around the world to restore systems encrypted using the LockBit ransomware variant. Victims targeted by this malware are encouraged to contact the FBI at https://lockbitvictims.ic3.gov/ to enable law enforcement to determine whether affected systems can be successfully decrypted.
we should sanction russia. that would teach them.
|
|
Didn't United Healthcare go through this a month or two ago. i think they paid.
|
|
|
For since the creation of the world God’s invisible qualities, His eternal power and divine nature, have been clearly seen, being understood from His workmanship, so that men are without excuse.
|
Originally Posted By Bubbles: We'd likely end up going to war with Russia.
Originally Posted By Kingdead: At this point let's do it. I'm not saying the US is innocent in foreign affairs, but fucking with healthcare is universally not beneficial to mankind.
Has this been proved to be a Russian Government operation?
|
For since the creation of the world God’s invisible qualities, His eternal power and divine nature, have been clearly seen, being understood from His workmanship, so that men are without excuse.
|
Originally Posted By brahm: Didn't United Healthcare go through this a month or two ago. i think they paid.
The impacts of that are still ongoing, vendors and providers all across the country got hosed, and at minimum, needed to refile up to a month's worth of claims (and pay for the privilege).
|
|
|
Originally Posted By brahm: Didn't United Healthcare go through this a month or two ago. i think they paid.
Change Healthcare/Optum Insight. Owned by UHG, but not the insurance provider. Medical, dental, and vision claims processing, routing, and analytics. Along with ~95% of the e-prescriptions in the US, and something like 98% of the not in house lab orders and results publishing. Amongst other, lesser criticality items in the healthcare data space.
|
|
Critical equipment should be airgapped from the internet.
So should patient data. |
|
|
this is the 3rd or 4th data breach for them in the last 4-5 years. i know several people that have and continue to work for them in IT. shitshow is an understatement.
healthcare at best is 10-20 years behind the industry when it comes to security. i deal with facilities every day that don't even have security. We dealt with a hospital a couple of years ago that got hit. they had a firewall because their cyber insurance mandated it. it was racked plugged in and looked pretty. Had never been configured. traffic rules were any/any and the default install password never changed. they were "compliant" for insurance. This is the general state of IT security in the majority of healthcare today. if you want a good laugh read the congressional testimony on the change healthcare breach. 70% of the market share of pharmacy billing and the level of just outright negligence is astounding. Executives need to be in jail for that one.
|
|
|
My dr's office went through a ransomware attack recently. Sign of the times
|
|
|
a lot of folks don't realize this is bigger than 1 healthcare group getting hit and going offline.
Their facilities have data connections to other facilities in the areas as well. those facilities now have to sever connections and begin threat hunting internally to ensure nothing crossed to them as well. we are going to likely find blackbasta was in their network for months before encrypting them. That's the norm for that group. no telling what 3rd party fallout may come from this as well. |
|
|
Originally Posted By The_Beer_Slayer: This is the general state of IT security in the majority of healthcare today. if you want a good laugh read the congressional testimony on the change healthcare breach. 70% of the market share of pharmacy billing and the level of just outright negligence is astounding. Executives need to be in jail for that one.
And that's what they couldn't hide, explain away, or throw someone under the bus for. Three months of a genuine security audit would have you ready to burn down data centers. It was way worse than what the testimony would have you believe. Sadly, prior to the Silicon Valley pirates moving in to the C-suite and reimagining the company, Emdeon had pretty good security and network design.
|
|
Originally Posted By M82Assault: Critical equipment should be airgapped from the internet. So should patient data.
Not possible, patient info has to be sent to insurance companies, legal firms, outside labs, healthcare companies, other hospitals, etc. Hospital cybersecurity should be of paramount importance but is often an afterthought or underfunded. There are a lot of moving pieces for a hospital to function securely.
|
|
As much as I despise all the various stuff my company's IT security team has in place, things like this remind me why.
|
|
"GD: serious answers to ridiculous questions and ridiculous answers to serious questions" --Naamah
|
Originally Posted By exponentialpi: Going to become more common with Change Healthcare paying the ransom earlier this year.
They've all paid. CHI paid, UHG paid, Ascension will pay, and there are even more you haven't heard about who paid. That's the entire reason it keeps happening. In the end, everyone in healthcare pays.
|
|
Originally Posted By The_Beer_Slayer: a lot of folks don't realize this is bigger than 1 healthcare group getting hit and going offline. Their facilities have data connections to other facilities in the areas as well. those facilities now have to sever connections and begin threat hunting internally to ensure nothing crossed to them as well. we are going to likely find blackbasta was in their network for months before encrypting them. That's the norm for that group. no telling what 3rd party fallout may come from this as well.
We have a huge increase in processing because of all the providers that have lost EDI because of Change. I suspect more soon after this Ass-cension thing.
|
subversive orchestrator
|
Originally Posted By The_Beer_Slayer: This is the general state of IT security in the majority of healthcare today. if you want a good laugh read the congressional testimony on the change healthcare breach. 70% of the market share of pharmacy billing and the level of just outright negligence is astounding. Executives need to be in jail for that one.
Originally Posted By elmidgeto: And that's what they couldn't hide, explain away, or throw someone under the bus for. Three months of a genuine security audit would have you ready to burn down data centers. It was way worse than what the testimony would have you believe. Sadly, prior to the Silicon Valley pirates moving in to the C-suite and reimagining the company, Emdeon had pretty good security and network design.
here's the dirty little secret. many times audits have been done at the base level as they can be required for compliance and insurance requirements. these findings are almost never unknowns for them. employees and auditors knew full well these were problems, managers simply ignored them and either hid them from execs that legit do not want to know so they don't have to spend money to fix them. it becomes secondary risk acceptance through complacency as they have a culture of bad communication and leadership.
|
|
https://therecord.media/black-basta-ransomware-alert-healthcare-fbi-cisa-hhs
After Ascension ransomware attack, feds issue alert on Black Basta group
Several U.S. government agencies warned that the Black Basta ransomware gang is targeting the healthcare industry and 12 of the 16 critical infrastructure sectors.
In a Friday afternoon advisory, the FBI, Cybersecurity and Infrastructure Security Agency (CISA) and Department of Health and Human Services (HHS) said Black Basta has attacked at least 500 organizations globally between April 2022 and May 2024.
According to the agencies, the ransomware-as-a-service gang typically breaches organizations through phishing attacks and known vulnerabilities but does not provide ransom demands or payment information immediately. Victims are given a unique code and link to communicate with the ransomware gang. Many victims are given between 10 and 12 days to pay a ransom before stolen data is published.
The advisory comes after CNN reported on Thursday night that four sources said the Black Basta ransomware was behind the attack on nonprofit healthcare system Ascension. The Catholic organization runs hundreds of hospitals across the U.S. and has been forced to turn away ambulances, revert to paper records and cancel non-emergency appointments this week due to the technology outages caused by the incident.
Several federal agencies, including HHS and the FBI are involved in the recovery effort. An HHS spokesperson told Recorded Future News that the department is in communication with Ascension Leadership “to understand their efforts to minimize any disruptions to patient care.”
“This incident serves as an important reminder of the urgency of strengthening cybersecurity resiliency in healthcare. HHS encourages all providers, technology vendors, payers, and members of the healthcare ecosystem to double down on cybersecurity,” they said.
The departments said that in February, Black Basta affiliates began exploiting CVE-2024-1709, a vulnerability affecting ConnectWise’s ScreenConnect which allows for secure remote desktop access and mobile device support. The bug was immediately used by several ransomware gangs when it emerged and caused panic because of its widespread usage among managed service providers (MSPs).
Friday’s advisory warned that affiliates also use tools like the SoftPerfect network scanner to search networks for vulnerable tools. Other vulnerabilities exploited by the group include ZeroLogon, NoPac and PrintNightmare, according to the agencies.
The agencies specifically warned that healthcare organizations “are attractive targets for cybercrime actors due to their size, technological dependence, access to personal health information, and unique impacts from patient care disruptions.”
HHS said last year that the group “may even be a rebrand of the Russian-speaking RaaS threat group Conti, or also linked to other Russian-speaking cyber threat groups.”
Industry group Health-ISAC released its own advisory on Friday about Black Basta and said data shows it has extorted at least $100 million dollars since its emergence.
“In the past month, at least two healthcare organizations, in Europe and in the United States, have fallen victim to Black Basta ransomware and have suffered severe operational disruptions,” Health-ISAC said. “Taking these latest developments into consideration, Health-ISAC has assessed that Black Basta represents a significant threat to the healthcare sector.”
Black Basta has taken credit for brazen attacks on the Dish Network, the American Dental Association, British outsourcing company Capita, Swiss tech giant ABB and German arms company Rheinmetall. Since emerging, it has become the fourth-most active strain of ransomware based on the number of victims tracked over the last year, according to one report.
|
|
https://therecord.media/cybersecurity-regulations-healthcare-industry-anne-neuberger-rsa
As White House preps new cyber rules for healthcare, Neuberger says backlash is unwarranted
SAN FRANCISCO — White House official Anne Neuberger said cybersecurity regulations for the healthcare industry are coming, and she questioned the emerging industry backlash to them, citing several recent high-profile incidents where basic measures would have prevented extraordinary harm.
Speaking at the RSA Conference on Thursday, Neuberger said government officials have been asking hospitals and healthcare organizations to take basic steps to protect themselves and patient data for more than a decade. Efforts to get the healthcare industry to adopt multi-factor authentication, offline backups and encrypted data have fallen on deaf ears, she explained, prompting the U.S. government to take further action.
“People now often say, ‘Well, they're revictimizing the victim,’” by lining up additional regulatory requirements for the industry, said Neuberger, who is the deputy national security adviser for cyber. “And I think we need to look at it as, by the time a Change Healthcare attack happens, when for a decade, we've been calling and saying ‘companies, encrypt your data, use MFA.’ Are they still a victim? Or is there a question of, is this negligence?”
It’s fair to say “that there’s an expectation of good housekeeping if you're operating a hospital, if you're operating a pipeline.” she said.
She went on to criticize UnitedHealth Group for not having patient data encrypted in Change Healthcare unit, a subsidiary, before it was hacked earlier this year. Neuberger argued that if the data had been properly protected, the ransomware gang that breached company networks would not have been able to do much with it.
UnitedHealth CEO Andrew Witty told Congress last week that likely a third of all Americans may have had their information stolen during the ransomware attack on its subsidiary Change Healthcare.
Neuberger told the audience that the federal government is currently working with the hospital sector to put in place minimum requirements “to help hospitals ensure that they are doing what they need to to keep patients safe.”
“We'll be rolling out a free cybersecurity program to the country’s 1,400 rural [healthcare] networks in the next couple of months. We'll also be rolling out these new cybersecurity rules for hospitals,” she told Recorded Future News after the onstage conversation.
|
|
The deuce you say.
|
Originally Posted By LurchAddams: Is this related to Ascension's decision to hire ~500 H1B workers over the past few years?
that program needs to end right the fuck now. and then deport all of those visa holders. total scam operation. I've bounced off h1b fools since the late 90s.
|
The deuce you say.
|
Originally Posted By The_Fly: Yet another healthcare system that cut every possible corner on their IT infrastructure, and is going to get fucked hard and proper as a result.
when you start looking at IT support the way you look at janitors, this is the inevitable result. saw it from the inside for 20+ years at big enterprise, gtfo and now I'm much more relaxed.
|
The deuce you say.
|
America did not become a superpower by working from home or from a cubicle.
- LurchAddams |
Originally Posted By brahm: Didn't United Healthcare go through this a month or two ago. i think they paid.
Originally Posted By elmidgeto: Change Healthcare/Optum Insight. Owned by UHG, but not the insurance provider. Medical, dental, and vision claims processing, routing, and analytics. Along with ~95% of the e-prescriptions in the US, and something like 98% of the not in house lab orders and results publishing. Amongst other, lesser criticality items in the healthcare data space.
Change also ran EDGE servers for some payers and HEDIS support.
|
What is written is my opinion, and my opinion only.
|
Just so we’re clear: this was a ransomware attack? The kind that requires a user on the network to click a suspect link in an email, which initiates the attack?
|
|
Texas -
Bigger than France. "The trouble with our liberal friends is not that they're ignorant, it's just that they know so much that isn't so." --RWR, 1964 |
is my Hippo compromised?
|
|
|
Originally Posted By Gloftoe: Just so we’re clear: this was a ransomware attack? The kind that requires a user on the network to click a suspect link in an email, which initiates the attack?
this is what is currently reported. early reports have mentioned the screenconnect cve as part of the attack path but these almost all start with a phishing link that gets a machine compromised.
|
|
Let's face it:
Nearly all IT at every medical institution is outsourcing bigly.
Security in those outsourcing outfits is shit. Below shit. Front door has lots of gates and locks. Back door is as wide open as a pornstar with a line of coke on the table. Hell, even the "experts" like OKTA, Microsoft, and LastPass have all been in the news cuz they have such a soft underbelly.
|
|
Originally Posted By 9divdoc: Needing more medical records personnel
life's a bitch. hard to hold paper records ransom. small clinic I supported was/is 100% paper for primary record keeping, they do the required emr shit because they have to. server/software downtime just slows down their ability to schedule new appointments. that's it. son of the founder has the same attitude his father had - computers and networks are for convenience. start relying on them for critical functions and you have now created new methods for your business to fail. claiming it's to save money is ignoring the true costs to keep them secure and redundant enough to recover from simple failures, let alone deliberate attacks. if you don't spend the money to make it redundant and secure, AND TEST IT, you're going to get bit. not a question of if. when. btdt on the enterprise backup side of things.
|
The deuce you say.
|
Mayo Clinic stops attacks multiple times a day.
No other business has as much information as a healthcare company… |
|
Pone semina in fundas ut aliquid crescat ubi morieris.
WE SEEK NOT YOUR COUNSEL, NOR YOUR ARMS |
Originally Posted By The_Beer_Slayer: https://therecord.media/cybersecurity-regulations-healthcare-industry-anne-neuberger-rsa She went on to criticize UnitedHealth Group for not having patient data encrypted in Change Healthcare unit, a subsidiary, before it was hacked earlier this year. Neuberger argued that if the data had been properly protected, the ransomware gang that breached company networks would not have been able to do much with it.
The ironic part here, is that of the dozen or so copies of the data lake CHC maintained in various places, about half were encrypted at rest and in flight. The other half were application dependent that required a full DB copy, and at rest or in flight encryption broke those applications hard. The C-suite loved to tout the encrypted and secured portions of the environment, and pull the see no, hear no, speak no routine on the rest. And woe betide any admin, engineer, or ops that tried to improve anything. So damn glad to be done with that place and IT in general.
|
|
Originally Posted By racer765: life's a bitch. hard to hold paper records ransom. small clinic I supported was/is 100% paper for primary record keeping, they do the required emr shit because they have to. server/software downtime just slows down their ability to schedule new appointments. that's it. son of the founder has the same attitude his father had - computers and networks are for convenience. start relying on them for critical functions and you have now created new methods for your business to fail. claiming it's to save money is ignoring the true costs to keep them secure and redundant enough to recover from simple failures, let alone deliberate attacks. if you don't spend the money to make it redundant and secure, AND TEST IT, you're going to get bit. not a question of if. when. btdt on the enterprise backup side of things.
paper records get stolen all the time. former job we routinely had bankers boxes of medical records come up "missing" from clinic offices.
|
|
If I were president, I'd authorize air strikes on any nation state-sponsored cyber attacks. If it was just hacker groups, I'd sanction the countries who failed to prevent the attacks. If we don't get serious, these fucktards can bring the western world to its knees with little effort.
|
|
We used to have Reagan, Johnny Cash, and Bob Hope. Now we have Biden, no cash, and no hope.
To anger a conservative, tell him a lie; to anger a liberal, tell him the truth. |
Originally Posted By The_Beer_Slayer: paper records get stolen all the time. former job we routinely had bankers boxes of medical records come up "missing" from clinic offices.
understand. but a few boxes of records is not the entire dataset ransomware encrypted. there are costs associated with every choice. one big basket just makes it more likely for the entire basket to be impacted.
|
The deuce you say.
|
Originally Posted By LurchAddams: No. Why would Putin stop Russian techies from extorting cash from American companies?
In countries with high corruption rates, it's very easy for cyber criminals to just pay off the local police forces, especially when their targets are all foreigners.
|
|
"If it moves, tax it. If it keeps moving, regulate it. And if it stops moving, give it Narcan." ~ AverageJoe365
“Imagine if the Great Depression and Mad Max had a baby.” ~ KingRat |
Originally Posted By LurchAddams: Is this related to Ascension's decision to hire ~500 H1B workers over the past few years?
Originally Posted By OKnativeson: absolutely. their IT dept made me want to throw cats into lawnmowers some days.
Just think of all the money they saved by outsourcing IT to another country!
|
|
Originally Posted By Bat15: Just think of all the money they saved by outsourcing IT to another country!
it didn't go for any pay increases for Allied Health Professionals. I worked for them for 5 years and never got any raises or pay increases, despite being a 5 Star Employee with the highest of certifications. of course they paid my wife less money with more experience and the same credentials for the same job. Ascension is an evil company that acts like a Mafia.
|
Somewhere in the middle of hardcore Conservative and Libertarian.
|
So …. This stems from servers not patched for an app vulnerability. Ransomware built to exploit that vulnerability gets in and …. You have what Ascension and United Health experienced this year.
How about …. Patch all the servers? Like …. 6-12 times a year, install all the patches for software installed on the server. Might that keep Russians out of the servers?
|
|
you would honest to god be amazed at the push back security teams get for simply making sys admins patch systems. especially in healthcare.
|
|
|
Originally Posted By The_Fly: Yet another healthcare system that cut every possible corner on their IT infrastructure, and is going to get fucked hard and proper as a result.
Originally Posted By racer765: when you start looking at IT support the way you look at janitors, this is the inevitable result. saw it from the inside for 20+ years at big enterprise, gtfo and now I'm much more relaxed.
It's why I've refused to work corporate IT in my career. I've always done small business consulting and higher education. I don't make quite as much money, but I also don't deal with outsourcing/layoff bullshit either.
|
Abolish the FBI, ATF, and the NSA.
Any citizen accused of a crime is presumed innocent until bankrupted beyond all reasonable doubt. |
|
Originally Posted By Moon-Watcher: If I were president, I'd authorize air strikes on any nation state-sponsored cyber attacks. If it was just hacker groups, I'd sanction the countries who failed to prevent the attacks. If we don't get serious, these fucktards can bring the western world to its knees with little effort.
Pay the Big Guy 10%, and you'll get airstrikes.
|
America did not become a superpower by working from home or from a cubicle.
- LurchAddams |
|
Originally Posted By Waldo: They need to go back to keeping your medical records in a filing cabinet.
One of the largest volume gun stores in my area still does transactions on paper books. Has since i can recall. You buy a gun there, the sales booklet is filled out and you get a carbon copy. I always thought that smart. Tangible is better than digital. Especially with the heat that business takes.
|
|
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.