Cyberattack - HSE Locked Down & Held To Ransom

cyberspace
ransomware

#41

Data iz not lost!!!
Data iz still available :clown_face:


#42

:slight_smile: Yea, sorry it’s not single choice. The Provid choose 1 + 2 as the outcome. They have no access to the data. Data make its way outside their control (edit post to make clear) - Basically, CHAOS!

Is someone trying to bring down the Provid Regime?

Maybe Martin is an avid Crypto trader and knew the market was about to tank, thus wait to buy some at discount. Hedge his bets loike.


#43

Maybe what has really happened is Micky & Co have had to liquidate some cryptos and sold off a rake of Bitcoins, causing todays massive dip by spooking the market, so as they can pay the people that matter from their back pocket as such and this is why they couldn’t be shelling’ out bitcoin to no low down dirty cyber criminals.

Makes sense. :+1:

More than 100,000 HSE staff may not get paid this Thursday, as the health service’s payment system remains out of action as a result of the recent ransomware attack.

As the Irish Examiner reports, Health Minister Stephen Donnelly confirmed that the HSE payment system is down as a result of the attack.

He said getting it back up and running to ensure HSE staff are paid is now “an absolute priority”.

He also confirmed that some of the 146,000 people working in the HSE are due to be paid on Thursday.


#44

Ha. Now we’re in this together.


#45

Free Of The Health Service

Now that “hackers” have liberated the health service executive data of all current and historical patients, a total snapshot of the HSE could be available to anyone. Then are we to believe it is normal for “medical organisation” outside of “the state” to regularly cruse the darknet :ghost: to drum up business on slow days as per latest intrigue on Day 7 of the Cyberattack and takedown of the Provids Medical Tyranny?

Mr Kelly said the organisation knew exactly what he required and offered in a short period of time to provide the operation he needed because he could not get it as a public patient for a certain period of time.

Are we to believe that hackers and the darknet combined is a 1000 times fold more efficient that the HSE?

If so, what’s the problem here eh?

Looks like this patient has a fighting chance. Rev up the GoFundme!!!

Unless they offered to do it for free out of pity, since they seem to know the main was waiting an undue period to get treatment. Maybe we’ll never know how this story ends.

Finally, it is truly marvellous, how exactly what the politicians and media coverage said would happen. Happened. Exactly as they knew would happen because they told us, after they decided not to pay a red cent, and call the hackers bluff. These are smart people. Very smart.

The Regime knew in their heart of hearts, the really knew the public would not mind having their data used as leverage to save a few quid, and as is custom on the island, the population would naturally thank the Regime for saving a few million euros while sacrificing the nations entire medical data history by delivering a special gift for the privilege at the ballot box.

Donnelly however was signalling something a bit different yesterday from the same piece updated:

There has been no verification that real data potentially compromised during the recent cyberattack on the Health Service Executive (HSE) IT systems has been released, according to Minister for Health Stephen Donnelly.

Mr Donnelly said there were extensive backups and a lot of medical files had not been compromised. Postings of heavily-redacted material are being examined and gardaí are investigating the issue, he said.

“We have no verification that what has been posted is real data. We are awaiting details to know if sensitive information has been released.”

Speaking on RTÉ Radio’s News at One, Mr Donnelly called last week’s cyberattack “an attack on the Irish people, the health system and patients and their families”.


#46

Telegram groups are saying how it’s very convenient that data is lost. FOIs about deaths in HSE care homes - oops no data! Etc. Etc.


#47

Day 8 - THe Ship is leaking.

The criminal gang responsible for last week’s cyberattack on the HSE’s IT systems is threatening to release the stolen data online if the ransom demanded is not paid by Monday, May 24th.

The gang asked for $20 million in bitcoin, according to The Irish Times, however, the Government and the HSE have both stated it will not be paid, in line with State policy.

HSE chief executive Paul Reid said if the ransom was paid, Irish authorities would be giving money to a group who could then use the funds to further strengthen their hacking capabilities.

International news agency Bloomberg has reportedly seen a communication from the Russian-speaking gang, stating the deadline of next Monday for the ransom to be paid.

:clown_face:

The Russians (again) and the US MSM see and report all the comms. The US media know what’s going on, while the smart people here talk to people who are use to talking to people in this situations.

Figure it out. :joy::rofl::joy:

Other documents appear to be commercial in nature, and relate to contracts between the HSE and some of the suppliers and other partners it works with.

In the Dáil, Minister for Communications Eamon Ryan responding to the report, said they would establish a “helpline, a confidential crimeline-type system” for people to phone if they were affected.

He warned however that “we have to be careful about some of the rumours around this. It’s full of subterfuge and all sorts of unknown” elements.

“But if anyone is approached by anyone claiming that they have medical or other relevant data – Government Information Services will be proving details of this later – we will provide an online-type confidential line where they will get secure a advice in terms of what they need to do.”

They are also contacting social media companies to say if anyone is “propagating any such information some of it the most sensitive, that we do not propagate it , we do not share it”.

He said they could not completely stop the revelation of data but they wanted to minimise the risk “to the best of our ability”.

I bet they’re contacting their hand in glove social media big tech allies to plug any leaks.

CODE: RED HOT DEEP BROWN - Operation Y-FRONT

There you have it folks. They are shitting it. They are shittin’ a brick. So many bricks the housing crisis will be solved soon. You better believe it!

They’re afraid the Irish people are going to see what is really going on. We might see the contracts that show real details, the potential financial penalties between Provids and Big Pharma if they don’t reach injection targets, imagine, pay if you do pay if you don’t, and full legal immunity for one side again paid for by the Provid i.e. people, a triple win for the Pharma-rama.

To put it in some recent historical context - Imagine if NAMA was ransomware’d a year or so after it’s creation. Things might be very different today. World changing stuff ya know.

From Russia With Love

Meanwhile, if it really is a bunch of hackers, really real ones, real Russians, somewhere, being all Russian hackery and stuff, instead of spending their hacking time hacking and cyber criming, but actually sifting through millions and millions of records, cherry picking the best of the lot in the space of a few days, like trawling through all the HSE, Tusla and Dept. Of Health records, in about 4 days, finding the juicy stuff, then maybe there is an angle here to sort this out. Maybe there is a deal to be done, some common ground for the common good.

Perhpas the hackers set up shop and do the decent thing and let people buy back their own data at the individual rate, if I have my maths about right that’s about €4 per record. Assuming 5 million health records. If it’s more, then the price is surely going to go down.

If there are key gov docs perhpas then a crowdfund for the purchase back, the important one, the juiciest ones that need to be secured. Let the people decided. Let the people crowd fund it all.

Seriously lads, if you’re not going to play ball and let them publish the stuff and sell it on to other perps. At least give the ordinary decent folk a chance to buy back their data. It is their data after all and if there are actually really real Russia hackers hacking away, let the Irish people sort it out within their own means.

Other documents appear to be commercial in nature, and relate to contracts between the HSE and some of the suppliers and other partners it works with.

:ninja:


#48

But, but, this says there hasn’t been a ransom demand?

Acting Minister for Justice Heather Humphreys has said that no ransom demand has been received by the Government from the criminals who attacked the HSE’s IT system last week.

“No direct request has been received by anybody,” she told RTÉ News at One.

So, is it a white hack looking for evidence? Or is it a convenient way to be unable to answer FOI requests?

Archive link: https://archive.is/ZmF1b


#49

:pray::pray::pray:


#50

Yes covered that in previous posts but here is some key info from Chief Irish Bilderberger:

Mr Coveney said he does not believe those tackling and investigating the attack are speaking to the criminals, but they are talking to many people who are used to speaking with criminals in these type of situations, to make sure we protect citizens and the State as best possible.

You know how late night trash chat shows work right when things are a bit slow or they want to get the party going?


#51

Poll - SWAMP ISLAND: Regime Collapse - Close?


#52

80% Drop in Health Service Capacity

Recycling outlook commentary with language modifcations for a fresh lookin’ update on the same old catastrophe.

String us along is maybe all they have right now (seems familiar), it’s day 8 without any cases and deaths, so we need to bleed our hearts for the machine, the machine is the victim here. The poor 'awl machine. Pay menace for the trial and tribulations of the machine greatest woe. Machine Lives matter. Believe Machines.

It’ll be months and month… but can the Regime last that long, on current timeline that’s like decades in “events” terms.


#53

Update!
Despite no ransom demand and no ransom paid there is now a decryption key available…

Although he does say “by the Irish State”. Did the EU pay? We’re sending them enough recovery fund money…

https://twitter.com/fergalbowers/status/1395443907710885893?s=21

I wonder will all files be retrievable or will some, sadly, be lost…

One commenter said to the above tweet

“Strangely enough everybody pays because they do give you data back. It’s their business model to make sure the future hacked pay. I find this story puzzling that they gave key & were not paid. Not good for future business.”


#54

The Rebel Alliance are helping the peeps. No more the bogey man . Wonder what is in the commercial files found.

Double squeaks.


#55

Update -


Archived link: https://archive.is/AjriW

“It appears that the person was trying to use their computer but received some sort of a message to use a messaging service to contact someone who could fix the problem,” a source with knowledge of the situation said.

What followed was a lengthy exchange in which the hackers told the employee that they had accessed 700 gigabytes of data of patients’ home addresses and other personal details through their computer.

What followed was a lengthy exchange in which the hackers told the employee that they had accessed 700 gigabytes of data of patients’ home addresses and other personal details through their computer.

The employee was told that a ransom of close to €15 milion would be needed, the source said.

It is understood the communication was in English, and the hackers provided a decryption key, saying that they would sell the data if the ransom wasn’t paid.


#56

Sounds more like a LARP at this point. All part of the deal they made with the Squid at the start of this event?

However, the sources said the fact the decryption key had been shared with the HSE strongly suggested the gang was just about to share all or most of the Irish data online.

https://archive.is/xQ8rt

:thinking:


#57

Today and yesterday media reporting looked a lot like point 12:

12. The time spent in your network will likely have allowed the attackers to steal business critical, sensitive and confidential information that they now threaten to publicly expose .

Some attackers also apply emotional pressures, with direct employee appeals and threats over email and phone.

Most attackers will start publishing stolen data anywhere from a few days to a week after the main attack if no contact from the target is received or negotiations breakdown. However, it could be several weeks or even longer before anything gets published.

Further, while the attackers may promise to delete your information if you pay, you have no guarantees that they will.


#58


#59

You can’t injunct the Rebel Alliance.


#60

Just part of the cover up. Wont stop the information being sold on. But will stop the Irish media reporting just how total the data breach is.

It looks like the HSE was a very basic MS shop from top to bottom. The sort of set up you might see in a small business. 20 to 30 employees. Normally it is very easy to find out the tech setup of large organizations if you know where to look. I’ve done it in a bunch of countries. Based on the footprint of HSE related items I’ve found the level of technical sophistication was minimal and upper management totally dysfunctional. Have they actually had a qualified CIO for the last five years, for example?

My guess is a lot of the data is already for sale. Mostly as sample dumps. To find out you would need an uparmoured browser working on a sterilized machine to avoid being whacked. And without white hat credentials high risk given just how many agencies are trawling for leads. The very act of looking makes you a high profile target. From both sides.

As for the decrypt key turning up. Might be true, might be false. A whole bunch of ways it might have appeared. Some ligit. Some as a result of being turned. Given the custom hardware available to some of the TLA’s might even have been cracked. Should only take a day or two if bumped to the top of the job queue.