Cyberattack - HSE Locked Down & Held To Ransom

cyberspace
ransomware

#101

The Irish system reminds me of the American system - one basic reform would vastly improve the current mess. In the US case it is remove the tax break for employer paid health insurance and move to a Dutch style medical insurance system and a lot of the dysfunction would magically disappear. In Ireland’s case it would be abolish the health card and move to a French style medical insurance system.

In both cases this will never happen for political reasons. In the US the staunchest supporter of the employer health insurance tax break is organized labor. Heath benefits is the only area where union members get a better deal than non members. Remove the employer tax break and employment based health insurance and the last reason for private sector union membership disappears. So this reform will never happen.

And in Ireland. Well 1/3rd of the population who have medical cards are not going to give up their “free” heath care. No matter how crap it is and how dysfunctional the system. So as long as there is a medical card in any form the health system will be terrible. Guaranteed. The bits that medical cards dont apply to are actually very good. Like dentists and opticians. Very good quality care and very good value for money.


#102

A lot of the medical cards are being downgraded though. A lot are now GP-visit only cards, and “you will have to pay for medicines and other services”.


#103

During a 10 to 12-week period last summer, an average of between 600 and 700 empty beds were available across Northern Ireland every day. One day in June, 1,000 beds were free.

The revelations come as the health service struggles to tackle the waiting list crisis.

Any chance of a bit of journalism from RTE on these kinds of issues? Yeah, didn’t think so


#104

Well all of this is academic if the Health Service is collapsed and can not function above 20% capacity at present.

Any insight/updates anyone other than the bought and paid for media?


#105

HSE running at 4% Server capacity.

Sure what’s an extra 3000 servers (spotted on RTE) on top of the rest.

The CEO of the HSE Paul Reid said that of the HSE’s 5,000 servers, 96% of them have been screened and protected, which he said has to be done before they can be restored.

Mr Reid said almost 50% of the HSE’s devices have been screened and protected before restoring.

“It’s a big web that needs to be fixed between servers and access points.”

Mr Reid said the HSE is continuing to monitor the “dark web” for patient information and data.

“We’re still at risk”, Mr Reid said in relation to the possible publication of data.

Is this actually true? :eyes:


#106

Sounds like an evidence scrubbing operation to me:

The State’s Cyber Security Response Team along with commercial IT contractors FireEye and international partners

FireEye are a US intelligence/deep state front who are hosting a conference this autumn called (and I’m not making this up)

“Defending the New Normal”

A quick glance through their senior management’s CVs here and on LinkedIn confirms what they are.


#107

It might be worse for Spook Island than you imagine. :ghost:

What’s this?

The State’s Cyber Security Response Team along with commercial IT contractors FireEye and international partners have been working 24 hour shifts on a decryption key supplied by the criminal gang so they can use it on the HSE systems. It is complicated and painstaking work.

Archived src: https://archive.is/4OeWh

Hmm… It’s only painstaking if you are trying to break the decryption because you really have no decryption key.

Right? :man_shrugging:

Maybe the Alliance really has torpedoed the Menace’s Swamp Island Regime, locked it all up and they have it all.

Having had the run of the place and caught the Regime every which way, the only recourse for the Regime was and is to continue to bluff to the public thinking that can rely on some heavy Menace computing resources to assist to decrypt an NSA level hit, unless it’s quantum and/or buildings/underground bases of of super-computers I’m am not sure they are going to have much luck.

If I’m not wrong FireEye are connected to Solarwinds.

More later.


#108

Yea but

The public is being asked to stay away from the Emergency Department at Cork University Hospital unless it is absolutely necessary.

So like only go if it is an emergency-emergency yea.

In a statement issued this afternoon, the hospital said that its Emergency Department is exceptionally busy and some patients are “regrettably experiencing long delays”.

The hospital says the situation has been exacerbated by the continued impact of the recent cyber attack on the HSE.

Src: RTE

Yea but maybe, but yea about all those extra adverse reactions we’re upping the production on, well like, it’s the cyberattacks actually that’s like doing it, so it’s like it’s not like a cool time to have total spaz out and like try and die or something so like just keep it handy and don’t be langer like and clog up the A&E with your conspiracy theory freak out thinking you are going to die, or are turning into a feckin BORG and don’t be brining in any magnets and stuff either.


#109

Black Eye

So these lads, the glowies assisting the embattled regime… the Russians gave their own system a black eye. Hmm… :thinking:

BullsEye

Caught Rapid?

What is this, A New Zealand company offesr the HSE a free decryption tool and the hackers also give the HSE a free decryption tool so that means the hackers are… :kiwi_fruit: 's no? Well maybe, maybe not.

HSE cyberattack: New Zealand company offers decryption tool in response to attack

(May 2rd)

HSE officials hope a tool developed by a New Zealand company, which has been offered to the State for free, will significantly speed up the restoration of systems following last week’s ransomware attack.

On Thursday the gang behind the cyberattack gave the HSE a decryption tool to restore the health service systems which had been rendered useless by the malware known as Conti.

O Friday officials concluded this tool is genuine and that it works, but that the software is “flawed” and “buggy”. Restoring the systems using the tool would likely take weeks, and it may be quicker to manually restore the systems from back-ups rather than using it.

There were also concerns the software supplied by the gang could contain “backdoors” which may allow for further attacks.

Contractors working for the National Cyber Security Centre (NCSC), which is leading the response to the attack, is now assessing a tool offered by the New Zealand cybersecurity company Emsisoft which may be able to restore systems twice as fast.

The tool extracts the decryption key from the software provided by the hackers and puts it into a package custom-made by the company which should be far more efficient and far more stable.

It is hoped the software may work twice as fast as the tool provided by the hackers.

Hmmm… really, maybe, maybe it is so, or maybe it’s the journos lack of knowledge, maybe, but the language and all these freebie tools, sure is HIGHLY ambiguous and well confusing but let’s have a look, perhaps this the magical FREE TOOL after all?

So I was right, they are trying to reverse engineer it and/or crack it.

Our straightforward recovery process

  1. We analyze your infection within hours and advise whether no-cost recovery is possible using existing decryption tools and techniques.
  2. If our reverse engineers find errors in the encryption code, we try to crack it and build a decrypter that doesn’t require paying the ransom.
  3. If the encryption can’t be cracked at all, we try to find suitable technical workarounds that can be used to significantly reduce the paid ransom.

It is very possible they have not gotten any encryption key. It really is.

It’s notable how the media coverage mirrors these sites procedural info pages.

If you already paid the ransom but the decryptor doesn’t work

Sometimes the provided decryptor is horribly slow or faulty, but we can extract the decryption code and create a custom built solution for your ransomware strain that decrypts up to 50% faster with less risk of data damage or loss.

Finally, and sure one last thing we don’t have to worry about right? I mean it’s not as if they paid them loads of bitcoins and then found out the decryption key was “faulty”, “flawed” or “buggy” and no one had a clue how to utilise it efficiently, no they got it for free and found out it was a bit “faulty”, “flawed” and “buggy”, so thank heavens eh lads you didn’t pony up for it and find out it was a pile of shyte now did ya lads? :icon_biggrin:

It’s a close shave of a difference between a lock picker and lock smith.


#110

Actually this is possibly also the FREE toolz i.e. someone found the download page by searching the web, but not seeing a specific FREE Conti decryptor.

Maybe they got a special :five: :eyes: club membership edition or everyone is a sweetheart, including the hackers when it all boils down to it:

The Emsisoft decryption tool has been given to the HSE free of charge as part of an assistance programme the company provides to healthcare agencies who have been the victims of cybercrime during the Covid-19 pandemic.

One of the main selling points of Emsisoft is:

We can cut your downtime from weeks down to a few hours

No one on the planet it seems is safe from the HSE effect once it kicks in it’s game over for those in proximity, here the fallout timeline goes from Weeks to MONTHS!

Get in touch with the Emsisoft Anti-Ransomware Team

Our services are provided on an hourly basis with a minimum contingent of 10 hours, which is usually enough to get ransomware victims back to regular business operations.

So why €100 million spend to fix?

Seems on balance the hackers should have been paid the €20 million and then the taxpayer could pocket the remaining €80 million no? :icon_biggrin:


#111

3 Weeks later, Prayers Answered

The impact on services had put them back 30 to 40 years in some areas, he told RTÉ radio’s Morning Ireland.

Health Service back to 1980’s

Rebuilding services

Mr Reid said he was not aware of any further contact from the criminals who launched the cyberattack as the HSE focus had been on rebuilding services, assessing the impact and protecting data.

While the data encryption key had been provided, it did not cover “the trail of devastation they left behind and its impact on us.”

Mr Reid said that the rise in Covid cases in Limerick was down to a number of factors such as outbreaks in work and social settings and households.

The situation remained very volatile, he said, before adding the warning: “the virus has caught us every time we dropped our guard.”


#112


#113

Keep in mind and remember and ask yourself - Do we even have a viable Health Service right now ready to save me from potential death?


#114

The next shoe to drop in Technocracy’s coup d’etat is to declare war on cyber criminals. The current news cycle is full of stories about cyber security and politicians are reciting the talking points like parrots in a pet store.

The end result will be calls for a global registration system for all Internet users in order to isolate the evil-doers. In the process, all Internet activity will thus be monitored, analyzed and judged for its content.

In the meantime, be watching for big cyber events that the media will spin into a frenzy of fear mongering stories. ⁃ TN Editor


#115

How does that compare to a Health Service reduced to 1980’s levels with 20% capacity?


#116

Even by May 17th no real mention of Tusla


#117

Day 27 - Not much to report, still collapsed.

:tumbler_glass:


#118

Day 30 - Feeling pretty gay about the stats.

Or is it because it is the SUMMER, might be a seasonal thing, don’t ask me why it’s a kind of a hunch.

Also, are the hospitals running at super low capacity coz they woz cyber hack attacked? Is there maybe less peopel in the hospitals system than ever before? How would we know?


#119

Day 34 - 6 months and counting.

Tell us something we don’t already know. :icon_rolleyes:

So that will take them to Novemebr 2021, where they will unveil the new super-cyber-medical-gulag tracking system, best-in-classt/first-in-the-world (say nothing about Chyna) of its kind, and clearly they had no choice, to ditch the Constitutional Republic you see, because well because Delta+ hyper-super-variant caught us by surprise and we are where we are, nobody saw it coming, it kilt all the penguins in the Zoo, the system is overloading as we propagandise, we have people dropping off trollies in the supermarket dead etc. etc. we really need everyone in this new tracking system, linked to you passport, with your vaccination schedules and status. We can then granularly lockdown individuals, household, villages towns and fields of wild humans, to isolate without disruption the whole and take targeted pin-point measures to sterilise this polygonal hot zone of infection-freedoms. This will reduce the need to keep locking down society with no end in sight as we have been doing since March 2020.


#120

Surely I deserve an (H) A+ no? :icon_cool:

…The WHO is also tracking recent reports of a “delta plus” variant. “What I think this means is that there is an additional mutation that has been identified,” said Maria Van Kerkhove, the WHO’s Covid-19 technical lead. “In some of the delta variants we’ve seen one less mutation or one deletion instead of an additional, so we’re looking at all of it.”

Archived link: https://archive.is/T6aoR