Hollywood Presbytrian held for ransom?

[4est_4est_Gump]

I used to write banking software and one thing that I had to do was to put in a god code to safeguard against the client losing their master password.

You would think that no one would be able to lock themselves out, but I had to at several times go in and use the god code. It was written into the code. A very clever hacker could have gotten into that code. Back then, we did not have the encryption...

None of that is true.

Of course not sweetheart, because you were there and you were in charge and you know that that is not how that happened. I'm just making shit up to look good...

 

[about_average]

Of course, if everyone would simply store their data completely separate from their operating system, this would not be an issue at all, as the OS could easily be reinstalled, which naturally eradicates the ransomware, while the actual data is never at any risk.

Bullshit.
You don't really do anything with computers other than post on Lit do you?

If a user can access their data, ransomware can encrypt it.

 

[nerfhearder]

Of course not sweetheart, because you were there and you were in charge and you know that that is not how that happened. I'm just making shit up to look good...

Yes you are making shit up to look good. What you described would never happen and isn't needed and might even be illegal.

 

[ryan8558]

Bullshit.
You don't really do anything with computers other than post on Lit do you?

If a user can access their data, ransomware can encrypt it.

bingo!!!

 

[nerfhearder]

Bullshit.
You don't really do anything with computers other than post on Lit do you?

If a user can access their data, ransomware can encrypt it.

Pretty much, yes.

 

[JohnnySavage]

LOS ANGELES (AP) — A Los Angeles hospital paid a ransom in bitcoins equivalent to about $17,000 to hackers who infiltrated and disabled its computer network, the medical center’s chief executive said Wednesday.

It was in the best interest of Hollywood Presbyterian Medical Center to pay the ransom of 40 bitcoins — currently worth $16,664 dollars — after the network infiltration that began Feb. 5, CEO Allen Stefanek said in a statement.

The FBI is investigating the attack, often called “ransomware,” where hackers encrypt a computer network’s data to hold it “hostage,” providing a digital decryption key to unlock it for a price.

“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Stefanek said. “In the best interest of restoring normal operations, we did this.”

 

[nerfhearder]

LOS ANGELES (AP) — A Los Angeles hospital paid a ransom in bitcoins equivalent to about $17,000 to hackers who infiltrated and disabled its computer network, the medical center’s chief executive said Wednesday.

It was in the best interest of Hollywood Presbyterian Medical Center to pay the ransom of 40 bitcoins — currently worth $16,664 dollars — after the network infiltration that began Feb. 5, CEO Allen Stefanek said in a statement.

The FBI is investigating the attack, often called “ransomware,” where hackers encrypt a computer network’s data to hold it “hostage,” providing a digital decryption key to unlock it for a price.

“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Stefanek said. “In the best interest of restoring normal operations, we did this.”

They always pay. It's not a bad way to make a buck if you know how and don't get too greedy.

 

[SpermofCicero]

Bullshit.
You don't really do anything with computers other than post on Lit do you?

If a user can access their data, ransomware can encrypt it.

Friggin' cloud is in a world of hurt then, eh wannabe?

 

[Five_Inch_Heels]

CEO should be charged with funding criminal activity, or whatever the current terminology is. The turds behind this stuff could be anyone ... IS for example, or the Mexican cartels.

 

[lovetoread]

They will end up paying the bitcoin just like the various police depts and schools here have done. The crypto people really do send the code once the payment goes through.

LOS ANGELES (AP) — A Los Angeles hospital paid a ransom in bitcoins equivalent to about $17,000 to hackers who infiltrated and disabled its computer network, the medical center’s chief executive said Wednesday.

It was in the best interest of Hollywood Presbyterian Medical Center to pay the ransom of 40 bitcoins — currently worth $16,664 dollars — after the network infiltration that began Feb. 5, CEO Allen Stefanek said in a statement.

The FBI is investigating the attack, often called “ransomware,” where hackers encrypt a computer network’s data to hold it “hostage,” providing a digital decryption key to unlock it for a price.

“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Stefanek said. “In the best interest of restoring normal operations, we did this.”

I'm shocked

 

[about_average]

Friggin' cloud is in a world of hurt then, eh wannabe?

Yes, even people using the cloud can be at risk.

Just admit you have no idea what you're talking about, wannabe.

 

[about_average]

CEO should be charged with funding criminal activity, or whatever the current terminology is. The turds behind this stuff could be anyone ... IS for example, or the Mexican cartels.

The current term is "legal".
It's not against the law to pay up. So what you're suggesting is for the CEO to be charged with a non-existent crime.

 

[4est_4est_Gump]

Yes you are making shit up to look good. What you described would never happen and isn't needed and might even be illegal.

Might be illegal?

How so? I was on a retainer to maintain the programs I wrote.

I wrote a god mode into them, just for me, an administrator level and a user level.

If a user forgot a password, the administrator could reset it. If an administrator forgot a password, which happens more often than you, probably not a programmer, realize (because humans do stupid shit like writing it down on a post-it), then someone had to have the ability to reset the administrator's password, because some sensitive client data was only available to the administrator.

Now please elaborate on how this contractual obligation between contractor and clients might possibly be illegal.

 

[ryan8558]

The board of the hospital should be considering a new CEO and CIO. And fast!

 

[RobDownSouth]

Might be illegal?

How so? I was on a retainer to maintain the programs I wrote.

I wrote a god mode into them, just for me, an administrator level and a user level.

If a user forgot a password, the administrator could reset it. If an administrator forgot a password, which happens more often than you, probably not a programmer, realize (because humans do stupid shit like writing it down on a post-it), then someone had to have the ability to reset the administrator's password, because some sensitive client data was only available to the administrator.

Now please elaborate on how this contractual obligation between contractor and clients might possibly be illegal.

Good morning, Chief! Welcome to your morning bitch slap. My name is RobDownSouth and I'll be applyin' the whoopass this morning.

Your notion of "contractual obligation between contractor and clients" is quaint. It was superceded decades ago by the need to protect actual customer data....sensitive financial information...from evildoers.

Since then, not only are back door access frowned upon, they are actually illegal (Google FISMA and HIPAA for example if you don't believe me, which is the norm).

I seriously doubt you did any work for anything above a single branch community bank, if at all. And you definitely haven't done anything since computer security standards were enacted circa the mid 80s. There's a whole cottage industry devoted to computer security and passwords. The late Byron-in-Exile was unsurpassed at resetting passwords, as I recall.

As teh noted philosopher Sir James Paul McCartney once described you, you're "like a relic from a different age. Could be? Ooooh wheee!"

Bottom line: Go lie elsewhere, my situational half breed friend.

 

[RobDownSouth]

The board of the hospital should be considering a new CEO and CIO. And fast!

The most "hardened" hospital in America can be undone by a foolish user opening an email attachment.

 

[SpermofCicero]

Yes, even people using the cloud can be at risk.

Just admit you have no idea what you're talking about, wannabe.

Why don't you first learn the thread how ransomware on a user's computer can touch a user's data in the cloud, or, for that matter, any external storage drive/device that's not connected to the computer's operating system when the ransomware inserts itself?

After all, you're the "expert" wannabe.

 

[Ulaven_Demorte]

SpermofCicero?

Did EyertheLiar get his stupid ass banned again?

We add yet another subject, network security that he knows absolutely nothing about.

 

[about_average]

Why don't you first learn the thread how ransomware on a user's computer can touch a user's data in the cloud, or, for that matter, any external storage drive/device that's not connected to the computer's operating system when the ransomware inserts itself?

After all, you're the "expert" wannabe.

You didn't say "have good backups".

Yes, it could be the cloud. Or it could be tape, or a USB hard drive, a thumb drive or even an unmounted hard drive in the computer. But that's not what you said, you said the cloud will protect you. Which is bullshit.

People who actually do work on computers have to access their data.

Since you make it obvious that your only use of computers is to whine on lit, you really should educate yourself before posting bullshit
It's not my job to educate you about technology so you don't look like an idiot. But I'll be a nice guy and point you in the right direction.
Cloud Computing

Hope that helps you some, wannabe.

 

[about_average]

SpermofCicero?

Did EyertheLiar get his stupid ass banned again?

We add yet another subject, network security that he knows absolutely nothing about.

Yes
Yes
Yes (or even computer security)

The most "hardened" hospital in America can be undone by a foolish user opening an email attachment.

I'm pretty sure that's an oxymoron. A lot of hospital embedded systems use the default password. In fact, a number of system integrators tell the specifically to not change the default password.

 

[SpermofCicero]

You didn't say "have good backups".

Yes, it could be the cloud. Or it could be tape, or a USB hard drive, a thumb drive or even an unmounted hard drive in the computer. But that's not what you said, you said the cloud will protect you. Which is bullshit.

Here's what I actually "said" that pricked your wanting ego so effectively that you couldn't help but helplessly allow you emotions to so aimlessly retaliate (as your SOP):

Of course, if everyone would simply store their data completely separate from their operating system, this would not be an issue at all, as the OS could easily be reinstalled, which naturally eradicates the ransomware, while the actual data is never at any risk.

Now, again...

Learn us all how any data is at any risk - as you "expertly" insist it is at risk - when it is kept completely separate from the operating system which is infected with ransomware, and yet the user still has full access to that data?

You know, so you can contradict yourself here, wannabe:

Bullshit.
If a user can access their data, ransomware can encrypt it.

 

[about_average]

Learn us all how any data is at any risk - as you "expertly" insist it is at risk - when it is kept completely separate from the operating system which is infected with ransomware, and yet the user still has full access to that data?

Ah, I see the problem, but it's not a surprising one when all you know is posting on lit.

You think the phrase "separate from the operating system" has only one meaning and you think "the cloud" has only a single configuration.

Friggin' cloud is in a world of hurt then, eh wannabe?

Well, I provided you some links. If you're not interested in educating yourself there's nothing anyone here can do about it. Or more accurately, nothing anyone is willing to do.

 

[Ulaven_Demorte]

Here's what I actually "said" that pricked your wanting ego so effectively that you couldn't help but helplessly allow you emotions to so aimlessly retaliate (as your SOP):



Now, again...

Learn us all how any data is at any risk - as you "expertly" insist it is at risk - when it is kept completely separate from the operating system which is infected with ransomware, and yet the user still has full access to that data?

You know, so you can contradict yourself here, wannabe:

AS usual, the moron digs a deeper hole rather than admit he knows jack shit about a subject.

 

[RobDownSouth]

Ransomware can most certainly be eradicated from a computer, but that totally depends on the sophistication of the particular ransomware program itself. For instance, I've personally eradicated every instance of the infamous FBI ransomware I've ever been presented with. However, no doubt this hospital is dealing with a much higher degree of sophisticated ransomware.

Of course, if everyone would simply store their data completely separate from their operating system, this would not be an issue at all, as the OS could easily be reinstalled, which naturally eradicates the ransomware, while the actual data is never at any risk.

Any entity that doesn't do that as SOP is simply inviting continuous attack.

Okay, this is Queerbait-class ignorant and almost Ishmael-class ignorant.

You obviously don't understand the concept of ransomware.

I will explain.

Ransomware fires up, usually when a dumb bunny user opens a sketchy attachment. It typically seeks out network shares that the user has access to, then encrypts each individual file in a directory, which removes the original unencrypted file.

You can kill the ransomware executable (easiest way is to disconnect the dumb bunny user's infected computer from the network) and delete the executable, but the damage is done: you have dozens/hundreds/thousands of individual files with the same hellishly strong encryption key. THAT is the actual ransom: pay us, we'll give you the key.

What I have done personally is to wipe out the data share completely and restore from the previous night's backup (I segregate program files and data files on separate network shares.

Your conjecture that wiping out the ransomware encryption program somehow magically restores the encrypted data files is simply not true.

 

[SpermofCicero]

Your conjecture that wiping out the ransomware encryption program somehow magically restores the encrypted data files is simply not true.

That would be your "conjecture", wannabe, not mine, since I've never implied that in the least, except in the fabrication shop of your mine.

Once more, for the obviously reading retarded, here is exactly what I posted:

Of course, if everyone would simply store their data completely separate from their operating system, this would not be an issue at all, as the OS could easily be reinstalled, which naturally eradicates the ransomware, while the actual data is never at any risk.

With all the wannabe computer "experts" playing in this thread now, why cannot even one of them tell us exactly how data kept "completely separate" from an infected operating system is at any risk at all to the ransomware which has installed itself into that operating system?

Google can help you all, you know, if you're really having that hard of a time with the simple words "completely" and "separate".