BlackSuit ransomware gang claims responsibility for NHLS attack

mylesillidge

What I don't get is you always read, "data deleted".... Are they backing up to a USB drive?

WTF

Offsite / Cloud
 
What they don't mention is the system is totally offline and as a person working inside the health system I can tell you that this is having a catastrophic effect. Virtually unable to access any labs whatsoever, the lab techs have to go search through hundreds of samples manually and read directly off the machines, and this is at a major academic hospital, can't imagine the smaller hospitals.

I also know that the NHLS had been warned about this already from the COVID days. During a research project that required collecting lab results I discovered that it was trivial to access hundreds of insecure accounts and that the search function had no SQL injection protection and allowed mass exportations of labs by any user.
This was reported to the system administrator but it was brushed off and nothing was done.

Whoever set up this database and interface was grossly incompetent. My guess is it required almost no effort to gain root access, it didn't require any elite hacking skills; any script kiddie using well-known exploits could gain root, which they likely still have....
 
I can imagine the system being offline is creating total chaos. What's the ETA to getting back online? Do they even have a backup system that's not infected?
 
Names of attackers ≠ name of their collective alias.

Journalism...
 