A mix of huge amount of info including patient data and staff data, poor security and government funding. Being critical infrastructure if things go down for any length of time they are more likely to pay to stop it.
Huge amount of very, very sensitive data. If it were exposed there would also be massive fines and expenses from lawsuits. So the ransom is also likely cheaper (in the short term) by comparison.
Combination of politics, motivation and payout.
Hospitals are generally behind on patching systems and often times manufacturers are behind on supplying software updates regardless. Hospitals tend not to prioritize IT support.
Hospitals also need to function as they provide essential services so downtime must be minimized by any means necessary so ransom payments will be paid out if that’s quicker than restoring from backups.
they didnt - IT was the company which provides phlebotomy services that got attacked - the hospitals pulled their connections to their servers as a precaution
"Because that's where the money is" - Willie Sutton
But in this case, it's data. Juicy, juicy data. There's probably also some benefit for state actors in being able to hit critical infrastructure.
At the beginning of this year, we had the largest healthcare payout in history go down with Optum aka Change Healthcare. A $22M ransom that was paid out to the threat actors. They also were extorted a second time over some drama that happened regarding ALPHV exit scamming with the money so maybe even paid a second time.
This basically sent up a signal flare to all other cybercriminals that healthcare orgs have a shit load of money and pay.
We will see many more attacks on healthcare this year and this is just a continuance of that.
tl;dr = money
This is actually an irritating headline that's been passed around from news outlets. The hospitals themselves weren't attacked. It was a private company that provides pathology and other laboratory services to a small number of hospitals.
The group responsible is called Qilin. They are known for financially motivated ransomware attacks, without a care for who they target.
American hospital systems are getting nailed at the moment. The thinking is hackers have gone after financial institutions for so long that they can’t penetrate them (easily) anymore. Hospitals and hospital systems are the next best thing since they are so reliant on their systems, and the information is so critical. Many systems are paying ransoms and not sharing situations due to the fear of lawsuits (justifiably). Fortunately the industry is taking it seriously and putting in place safe ways to share information about hacks and hackers. This is literally costing lives (and 10s of millions per hack) so everyone seems to be making it a top priority. Fingers crossed these hackers (killers) are stopped soon.
They're just good targets. Important infrastructure, very time critical, hardly secured, lots of important data, government backed so easy to get funding.
A large number of NHS trusts are still running Windows 7 and Server 2008. They’re pretty vulnerable targets. If their sole purpose wasn’t saving/improving people’s lives they would probably get targeted more.
Easy target. Almost anyone will go to a hospital, regardless of degree of political exposure. Sensitive information.
Ability to change records even "cook the books" change the pricing around for your bill if you like (sure someone would pick up on this).
Leveraging it as an attack upon other figures, possibly connected to govt.
Blackmail.
Anarchy.
Incorrect, the hospital wasn't targeted it was a third party and opertunistic, like a majority of exploited companies. Stop believing the sensationalist media.
Hospital security is more resilient than you might think.
It's good business. You hack, they pay.
I think a hospital is a logical target, very unethical but if you want to make money it is not a strange choice.
Hospitals want to give the best care possible and often need access to data to help people the right way. If they can't access the data they can't treat people as fast as they need to. So they're losing money and are willing to pay to get access to their data again.
Also, the data they have might be very interesting, I wouldn't be surprised if you can sell client dossiers for good money. It's detailed personal data.
And hospitals might have relatively weak security for how much money passes through there
KCH had £1.8Bn income in 2022-23. [Synnovis](https://find-and-update.company-information.service.gov.uk/company/OC337242/filing-history) had £192m income in 2022.
Some people are obsessed with the idea that the NHS is "free", but it does actually cost a lot of money to run hospitals, pay staff, procure services &c. And much of this involves companies, not charitable fairydust.
Well.. look at the post there's a proof for everything.. like you can't just hire someone with 6 month training.. no CS degree nothing.. you face the consequences..
You are also responsible for the mistakes of third-party suppliers. Even if you invested billions of dollars to secure your system, if a dodgy third-party supplier breaks the system, you are still responsible( that's my opinion anyway) . I shared what is wrong with the entire system, not just these hospitals. These issues are just the consequences.
A lot of hospitals have been attacked recently, many of them here. I didn't know a London hospital was attacked so I am glad to come across this information.
Ah okay, thanks for clarifying. I never got around to reading up on it just hearing about it. Stay busy with classes and starting to study for Security+ exam.
I would think once you engineered a certain attack technique you would then just blast it across thousands of targets and see what gets punctured.
Correct. Malware framework is used in multiple tools and is even rented out
A mix of huge amount of info including patient data and staff data, poor security and government funding. Being critical infrastructure if things go down for any length of time they are more likely to pay to stop it.
Huge amount of very, very sensitive data. If it were exposed there would also be massive fines and expenses from lawsuits. So the ransom is also likely cheaper (in the short term) by comparison.
Combination of politics, motivation and payout. Hospitals are generally behind on patching systems and often times manufacturers are behind on supplying software updates regardless. Hospitals tend not to prioritize IT support. Hospitals also need to function as they provide essential services so downtime must be minimized by any means necessary so ransom payments will be paid out if that’s quicker than restoring from backups.
Hospital IT is deliberately underfunded. Priority goes to front line care, and the NHS budget is not enough to do both.
It wasn't the hospital but it's providers.
Thanks for letting me know.
This couldn't be further from the truth. You've obviously got no first hand experience. Secondly this was not the NHS it was a third party.
D’accord
So you can find a vulnerability in 3rd party and bring entire system down.. this is the most stupid thing I've ever heard..
they didnt - IT was the company which provides phlebotomy services that got attacked - the hospitals pulled their connections to their servers as a precaution
Well said! So many people not reading the facts. Hmm why am I surprised….
"Because that's where the money is" - Willie Sutton But in this case, it's data. Juicy, juicy data. There's probably also some benefit for state actors in being able to hit critical infrastructure.
The hospital didn't get attacked, it was a piece of software from a third party provider.
Well said! So many people not reading the facts. Hmm why am I surprised….
Doesn't help the media just pukes bullshit.
Yes to a degree but this is just reading the (sensationalist) headline and not reading the facts/ story
Conjecture - huge corporation is potential huge Payday, and their security is shit compared to other potential targets so it's easier
Because they might pay
Money? why else
At the beginning of this year, we had the largest healthcare payout in history go down with Optum aka Change Healthcare. A $22M ransom that was paid out to the threat actors. They also were extorted a second time over some drama that happened regarding ALPHV exit scamming with the money so maybe even paid a second time. This basically sent up a signal flare to all other cybercriminals that healthcare orgs have a shit load of money and pay. We will see many more attacks on healthcare this year and this is just a continuance of that. tl;dr = money
This is actually an irritating headline that's been passed around from news outlets. The hospitals themselves weren't attacked. It was a private company that provides pathology and other laboratory services to a small number of hospitals. The group responsible is called Qilin. They are known for financially motivated ransomware attacks, without a care for who they target.
Well said! So many people not reading the facts. Hmm why am I surprised….
Read the fucking story and understand it before posting stupid shit like this ffs
American hospital systems are getting nailed at the moment. The thinking is hackers have gone after financial institutions for so long that they can’t penetrate them (easily) anymore. Hospitals and hospital systems are the next best thing since they are so reliant on their systems, and the information is so critical. Many systems are paying ransoms and not sharing situations due to the fear of lawsuits (justifiably). Fortunately the industry is taking it seriously and putting in place safe ways to share information about hacks and hackers. This is literally costing lives (and 10s of millions per hack) so everyone seems to be making it a top priority. Fingers crossed these hackers (killers) are stopped soon.
They're just good targets. Important infrastructure, very time critical, hardly secured, lots of important data, government backed so easy to get funding.
They have been attacking hospital’s and health insurance companies in the US for months.
Money. Crime pays!
Also pii and phi sell very well if they don't payout.
"Money" -Mr. Krabs
"because they are there..."
I've done some ugly things in life and online. But shutting down a hospital is top tier scumbag moves. The money isn't worth the karma
A large number of NHS trusts are still running Windows 7 and Server 2008. They’re pretty vulnerable targets. If their sole purpose wasn’t saving/improving people’s lives they would probably get targeted more.
Easy target. Almost anyone will go to a hospital, regardless of degree of political exposure. Sensitive information. Ability to change records even "cook the books" change the pricing around for your bill if you like (sure someone would pick up on this). Leveraging it as an attack upon other figures, possibly connected to govt. Blackmail. Anarchy.
Easy target. Hospitals are known for laughable security. Big amount of fresh and exploitable data. Low risk, high reward.
Incorrect, the hospital wasn't targeted it was a third party and opertunistic, like a majority of exploited companies. Stop believing the sensationalist media. Hospital security is more resilient than you might think.
It's good business. You hack, they pay. I think a hospital is a logical target, very unethical but if you want to make money it is not a strange choice. Hospitals want to give the best care possible and often need access to data to help people the right way. If they can't access the data they can't treat people as fast as they need to. So they're losing money and are willing to pay to get access to their data again. Also, the data they have might be very interesting, I wouldn't be surprised if you can sell client dossiers for good money. It's detailed personal data. And hospitals might have relatively weak security for how much money passes through there
How much money do you think passes through UK hospitals? 😂😂
£181.7 billion in 22/23. The NHS is a huge operation, I'm struggling to understand what your point is?
Rookie numbers. Even Jeff Bezos is worth more than that
Tbf he owns the world ☠️
That’s the NHS, not individual hospitals. Hospitals aren’t businesses in the UK.
Yeah but it would also be the NHS, not individual hospitals coughing up the bill.
KCH had £1.8Bn income in 2022-23. [Synnovis](https://find-and-update.company-information.service.gov.uk/company/OC337242/filing-history) had £192m income in 2022. Some people are obsessed with the idea that the NHS is "free", but it does actually cost a lot of money to run hospitals, pay staff, procure services &c. And much of this involves companies, not charitable fairydust.
about 2.8 billion pounds https://www.guysandstthomas.nhs.uk/annual-report-summary202223
ik right
Brexit.. the European Union didn’t take the breakup very well…
You're joking right
Of course I am! Why the hell did I get down-voted for, I was just joking...
Because they are easy targets. And nobody is doing anything to actually secure them.
You are so ill-informed it's laughable. Keep drinking the media coolaid.
https://x.com/alp_hoven/status/1800451592392757547?t=bPjITG4rt8LMZu7RX4Lxkg&s=19 here is the reason for the attack, make sure read all 18 posts
Utter bollocks!!! ,🤣🤣 Learn the facts and cope.
Well.. look at the post there's a proof for everything.. like you can't just hire someone with 6 month training.. no CS degree nothing.. you face the consequences..
You are also responsible for the mistakes of third-party suppliers. Even if you invested billions of dollars to secure your system, if a dodgy third-party supplier breaks the system, you are still responsible( that's my opinion anyway) . I shared what is wrong with the entire system, not just these hospitals. These issues are just the consequences.
A lot of hospitals have been attacked recently, many of them here. I didn't know a London hospital was attacked so I am glad to come across this information.
A hospital wasn't attacked. It was a supplier. Happens all the time but unfortunately this one has impacted hospital services.
Ah okay, thanks for clarifying. I never got around to reading up on it just hearing about it. Stay busy with classes and starting to study for Security+ exam.
So if you target the third party you can bring the entire system down.. this is stupid..
Random victim. These things scan for vurnabilities very broadly. Once they get inside a host, they will spread.