12.06.22
Gemini version available ♊︎Microsoft is Killing Hospital Patients With Its Insecure-by-design Windows Operating System
Video download link | md5sum 9c2cd866f7a90f07c79e51b7e0523c86
Eradicate Windows From Hospitals
Creative Commons Attribution-No Derivative Works 4.0
Summary: Many people continue to needlessly die because many hospitals still foolishly deploy Windows on mission-critical life-saving machines
THIS 2020 series about Windows inside hospitals was based on whistleblowers. It attracted a lot of attention at the time.
The problem has not been resolved since then; the media reports similar incidents that are high-profile because it’s in France or Paris (so rich people suffer). Media coverage was amassed today, with more links gathered in prior days (with Daily Links containing these). Here are some examples:
-
French hospital cancels operations after cyberattack
The Hospital Centre of Versailles — which consists of Andre-Mignot Hospital, Richaud Hospital and the Despagne Retirement Home — was affected by the hacking attempt, said the complex’s management. The regional health agency (ARS) said the Andre-Mignot Hospital had cancelled operations, but was doing everything possible to keep walk-in services and consultations running.
-
French Hospital Halts Operations After Cyber-Attack
Although not mentioned explicitly in reports so far, the attack on the 700-bed hospital looks to be the work of ransomware actors.
If so, it follows a major ransomware attack on another facility near Paris in September this year. The Centre Hospitalier Sud Francilien (CHSF) in Corbeil-Essonnes was forced back to pen and paper after being hit with a $10m ransom demand by the LockBit 3.0 group.
A few months earlier, the GHT Cœur Grand Est hospital group said it had been forced to cut internet connectivity to its Vitry-le-François and Saint-Dizier hospitals after receiving a $1.3m ransom demand.
-
French Hospital Cancels Operations After Cyberattack
The Paris prosecutors’ office has opened a preliminary investigation into attempted extortion, as well as the access and maintenance of the state’s digital system. The hospital had also filed a formal complaint Sunday.
For several months now, hospitals and health systems in France have been targeted with such cyberattacks.
-
[Old] Paralysed French hospital fights cyber attack as hackers lower ransom
A hospital southeast of Paris has been crippled by an ongoing cyberattack, drastically reducing the number of patients who can be admitted and forcing a return to pre-digital workflows. Security experts are trying to retake control of the computer system as ransom negotiations continue.
-
Brooklyn Hospitals Decried for Silence on Cyber Incident
Some systems at One Brooklyn Health System’s three hospitals – Interfaith Medical Center, Brookdale Hospital Medical Center and Kingsbrook Jewish Medical Center – were taken offline Nov. 19 following an incident about which little is publicly known.
Sources tell Information Security Media Group that the organization has been tight-lipped with other area hospitals about the cause of the outage, which is suspected to involve ransomware.
-
Cyber Attackers Cripple IT Systems of Prominent Indian Hospital
It’s unclear what data the attackers may have accessed, or what their motives were. The hospital itself hasn’t said what data — or whose — may have been compromised. On Monday, police in the Indian capital, where the hospital is located, said it was unaware of ransom demands in response to local media reports that 2 billion rupees ($24.5 million) had been demanded.
-
[Crackers] Cripple Prestigious Indian Hospital’s IT Systems
The All India Institute of Medical Sciences — a hospital that’s traditionally treated the country’s top politicians — has succumbed to a ransomware attack that’s shut down centralized records, people familiar with the matter said.
-
Why Ransomware Victims Avoid Calling It ‘Ransomware’
Mathew Schwartz: What is a ransomware attack called if it’s ransomware, but an organization that’s fallen victim doesn’t want to call it ransomware? Some companies have become expert at spinning as in using corporate speak or weasel words to avoid having to ever say the word ransomware. To a raft of press statements or data breach reports from companies that talk about suffering unexpected downtime, or perhaps a cybersecurity incident, the word cyberattack is another favorite. What’s going on here? Companies aren’t comfortable saying they’ve been hit by ransomware. That’s despite the volume of ransomware attacks appearing to have recently declined, at least against the healthcare sector.
Notice the conspicuous omission of the operating system. They make it sound like a general and system-agnostic problem. Just what Microsoft would like! █