HSE/Department of Health Hack (1 Viewer)

magicbastarder

Well-Known Member
Joined
Sep 14, 2006
Messages
7,800
Website
stroma.org
my brother is peddling the hypothesis that when coveney was talking to lavrov, he may have pulled out a 'hey, we're on the security council now. how's about you get your lads to pull their claws in a bit?' line.
and maybe the russians did a 'ah here lads, that's a bit much now' with the lads they were happy to ignore/coddle.

make of that what you will.
 

rettucs

Well-Known Member
Supporter
Joined
Apr 18, 2006
Messages
23,131
Solutions
1
Location
Post of the week winner: 22nd March, 2013
Maybe they're giving the encryption key after getting some of their millions?
thats what I thought but I read around a bit and, apparently this isn't that unusual for them. At this stage they have the data, its been made clear to them that data can be recovered without their help, they change their tactics to get the most value from the data they've robbed. They did the same in Germany before. Gave up the decryption key so the systems could get back online, and started talking about payment for not abusing the data.

Or, maybe they just got their ransom. The wording from Donnelly was very curious. No money was paid by the 'Irish State'. Someone else could have paid it.
 

pete

chronic procrastinator
Staff member
Since 1999
Thread starter
Joined
Nov 14, 1999
Messages
56,505
Solutions
3
Location
iPanopticon
Website
thumped.com
I think he was trying to be as broad as possible - like if he’d said “HSE DIDN’T PAY!” people would be all “oh so the department of health paid?” If he’d said “no government department paid!” then some would assume that some other part of government paid. Now he says “Irish state” and people are still “oh well someone must have paid.”
 

pete

chronic procrastinator
Staff member
Since 1999
Thread starter
Joined
Nov 14, 1999
Messages
56,505
Solutions
3
Location
iPanopticon
Website
thumped.com

flashback

Well-Known Member
Joined
Nov 8, 2004
Messages
8,106
Location
Trumpland
I guess I don't understand conceptually how paying them fixes the problem.

Paying them (to my eyes) just tells them that they should continue to attack and expect payments in the future.

Presumably they are still able to access the devices, and can pull the trigger at any point in time, either to decrypt or encrypt? If they aren't this moment they likely can be fairly soon.

MS and Apple have purposefully backdoored their OS's and systems upon demands from the US Govt, there exists backdoors in these OSs waiting to be used.

The only way (again in my completely not informed at all opinion) is to nuke everything, set up everything again, and try to restore from backups. Slow, shitty, annoying. But anything else is a guarantee that you're on the list of people that'll pay, and you will be hit.


(This isn't a straw man argument, but it's probably a not very good one. I don't know what I'm talking about here, but I'm curious how these things are dealt with.)
 

rettucs

Well-Known Member
Supporter
Joined
Apr 18, 2006
Messages
23,131
Solutions
1
Location
Post of the week winner: 22nd March, 2013
The only way (again in my completely not informed at all opinion) is to nuke everything, set up everything again, and try to restore from backups. Slow, shitty, annoying. But anything else is a guarantee that you're on the list of people that'll pay, and you will be hit.
thats pretty much what they're doing. If you look at the doc @magicbastarder linked earlier in the thread about the plan to deal with the attack, thats pretty much what they described.

Its tedious as fuck and is gonna take a long time (less now because they have easier access to the data), but thats the price to be paid for cutting corners with their IT security and infrastructure.

The biggest surprise in all of this is that they weren't hit sooner.
 

JohnnyRaz

Well-Known Member
Joined
Sep 3, 2004
Messages
5,164
Location
drifting arround
thats what I thought but I read around a bit and, apparently this isn't that unusual for them. At this stage they have the data, its been made clear to them that data can be recovered without their help, they change their tactics to get the most value from the data they've robbed. They did the same in Germany before. Gave up the decryption key so the systems could get back online, and started talking about payment for not abusing the data.

Or, maybe they just got their ransom. The wording from Donnelly was very curious. No money was paid by the 'Irish State'. Someone else could have paid it.

Denis o brien.

its trapatoni all over again.
 

flashback

Well-Known Member
Joined
Nov 8, 2004
Messages
8,106
Location
Trumpland
thats pretty much what they're doing. If you look at the doc @magicbastarder linked earlier in the thread about the plan to deal with the attack, thats pretty much what they described.

Its tedious as fuck and is gonna take a long time (less now because they have easier access to the data), but thats the price to be paid for cutting corners with their IT security and infrastructure.

The biggest surprise in all of this is that they weren't hit sooner.
Ah... haha. Oops. Fair enough though, paying them seems like the worst possible response. I'd probably take losing EVERYTHING over paying even a token amount, since it will keep happening.
 

JohnnyRaz

Well-Known Member
Joined
Sep 3, 2004
Messages
5,164
Location
drifting arround
20 million is pocket change to him

and they wanted it in bitcoin, and the value of bitcoin has dropped 45% since they announced the ransom. We missed a trick there.

it could be siteserv all over again.
we need to look into how tenders to cyber criminals are awarded.
tribunal anyone?

@pete you might want to delete these posts..
 

Users who are viewing this thread

Latest Activity

Loading…

We're listening to...

  • Womb Sounds To Make Baby Sleep Faster
    Womb Sound With Slow Heartbeat and Slow Pulse (Deep Sleep)
    Womb Sound
    Womb Sounds To Make Baby Sleep Faster

Support thumped.com

Support thumped.com and upgrade your account

Upgrade your account now to disable all ads... If we had any... Which we don't right now.

Upgrade now

Latest posts

Trending Threads

Latest threads

Top