12.06.22

Gemini version available ♊︎

Microsoft is Killing Hospital Patients With Its Insecure-by-design Windows Operating System

Posted in Microsoft, Security, Windows at 3:16 pm by Dr. Roy Schestowitz

Video download link | md5sum 9c2cd866f7a90f07c79e51b7e0523c86
Eradicate Windows From Hospitals
Creative Commons Attribution-No Derivative Works 4.0

Summary: Many people continue to needlessly die because many hospitals still foolishly deploy Windows on mission-critical life-saving machines

THIS 2020 series about Windows inside hospitals was based on whistleblowers. It attracted a lot of attention at the time.

The problem has not been resolved since then; the media reports similar incidents that are high-profile because it’s in France or Paris (so rich people suffer). Media coverage was amassed today, with more links gathered in prior days (with Daily Links containing these). Here are some examples:

  • French hospital cancels operations after cyberattack

    The Hospital Centre of Versailles — which consists of Andre-Mignot Hospital, Richaud Hospital and the Despagne Retirement Home — was affected by the hacking attempt, said the complex’s management. The regional health agency (ARS) said the Andre-Mignot Hospital had cancelled operations, but was doing everything possible to keep walk-in services and consultations running.

  • French Hospital Halts Operations After Cyber-Attack

    Although not mentioned explicitly in reports so far, the attack on the 700-bed hospital looks to be the work of ransomware actors.

    If so, it follows a major ransomware attack on another facility near Paris in September this year. The Centre Hospitalier Sud Francilien (CHSF) in Corbeil-Essonnes was forced back to pen and paper after being hit with a $10m ransom demand by the LockBit 3.0 group.

    A few months earlier, the GHT Cœur Grand Est hospital group said it had been forced to cut internet connectivity to its Vitry-le-François and Saint-Dizier hospitals after receiving a $1.3m ransom demand.

  • French Hospital Cancels Operations After Cyberattack

    The Paris prosecutors’ office has opened a preliminary investigation into attempted extortion, as well as the access and maintenance of the state’s digital system. The hospital had also filed a formal complaint Sunday.

    For several months now, hospitals and health systems in France have been targeted with such cyberattacks.

  • [Old] Paralysed French hospital fights cyber attack as hackers lower ransom

    A hospital southeast of Paris has been crippled by an ongoing cyberattack, drastically reducing the number of patients who can be admitted and forcing a return to pre-digital workflows. Security experts are trying to retake control of the computer system as ransom negotiations continue.

  • Brooklyn Hospitals Decried for Silence on Cyber Incident

    Some systems at One Brooklyn Health System’s three hospitals – Interfaith Medical Center, Brookdale Hospital Medical Center and Kingsbrook Jewish Medical Center – were taken offline Nov. 19 following an incident about which little is publicly known.

    Sources tell Information Security Media Group that the organization has been tight-lipped with other area hospitals about the cause of the outage, which is suspected to involve ransomware.

  • Cyber Attackers Cripple IT Systems of Prominent Indian Hospital

    It’s unclear what data the attackers may have accessed, or what their motives were. The hospital itself hasn’t said what data — or whose — may have been compromised. On Monday, police in the Indian capital, where the hospital is located, said it was unaware of ransom demands in response to local media reports that 2 billion rupees ($24.5 million) had been demanded.

  • [Crackers] Cripple Prestigious Indian Hospital’s IT Systems

    The All India Institute of Medical Sciences — a hospital that’s traditionally treated the country’s top politicians — has succumbed to a ransomware attack that’s shut down centralized records, people familiar with the matter said.

  • Why Ransomware Victims Avoid Calling It ‘Ransomware’

    Mathew Schwartz: What is a ransomware attack called if it’s ransomware, but an organization that’s fallen victim doesn’t want to call it ransomware? Some companies have become expert at spinning as in using corporate speak or weasel words to avoid having to ever say the word ransomware. To a raft of press statements or data breach reports from companies that talk about suffering unexpected downtime, or perhaps a cybersecurity incident, the word cyberattack is another favorite. What’s going on here? Companies aren’t comfortable saying they’ve been hit by ransomware. That’s despite the volume of ransomware attacks appearing to have recently declined, at least against the healthcare sector.

Notice the conspicuous omission of the operating system. They make it sound like a general and system-agnostic problem. Just what Microsoft would like!

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New

  1. Links 03/02/2023: OpenSSH 9.2 and OBS Studio 29.0.1

    Links for the day

  2. Links 03/02/2023: GNU C Library 2.37

    Links for the day

  3. Sirius Finished

    Yesterday I was sent a letter approving my resignation from Sirius ‘Open Source’, two months after I had already announced that I was resigning with immediate effect; they sent an identical letter to my wife (this time, unlike before, they remembered to also change the names!!)

  4. The Collapse of Sirius in a Nutshell: How to Identify the Symptoms and Decide When to Leave

    Sirius is finished, but it's important to share the lessons learned with other people; there might be other "pretenders" out there and they need to be abandoned

  5. Links 03/02/2023: WINE 8.1 and RapidDisk 9.0.0

    Links for the day

  6. Links 02/02/2023: KDE Gear 22.12.2 and LibreOffice 7.5

    Links for the day

  7. Linux News or Marketing Platform?

    Ads everywhere: Phoronix puts them at the top, bottom, navigation bar, left, and right just to read some Microsoft junk (puff pieces about something that nobody other than Microsoft even uses); in addition there are pop-ups asking for consent to send visitors’ data to hundreds of data brokers

  8. Daily Links at Techrights Turn 15, Time to Give Them an Upgrade

    This year we have several 15-year anniversaries; one of them is Daily Links (it turned 15 earlier this week) and we've been working to improve these batches of links, making them a lot more extensive and somewhat better structured/clustered

  9. Back to Focusing on Unified Patent Court (UPC) Crimes and Illegal Patent Agenda, Including the EPO's

    The EPO's (European Patent Office, Europe's second-largest institution) violations of constitutions, laws and so on merit more coverage, seeing that what's left of the "media" not only fails to cover scandalous things but is actively cheering for criminals (in exchange for money)

  10. European Patent Office Staff Votes in Favour of Freedom of Association (97% of Voters in Support)

    The Central Staff Committee (CSC) at the EPO makes a strong case for António Campinos to stop breaking and law and actually start obeying court orders (he’s no better than Benoît Battistelli and he uses worse language already)

  11. Links 02/02/2023: Glibc 2.37 and Go 1.20

    Links for the day

  12. IRC Proceedings: Wednesday, February 01, 2023

    IRC logs for Wednesday, February 01, 2023

  13. Links 01/02/2023: Security Problems, Unrest, and More

    Links for the day

  14. Links 01/02/2023: Stables Kernels and Upcoming COSMIC From System76

    Links for the day

  15. IRC Proceedings: Tuesday, January 31, 2023

    IRC logs for Tuesday, January 31, 2023

  16. Links 31/01/2023: Catchup Again, Wayland in Xfce 4.20

    Links for the day

  17. Links 31/01/2023: elementary OS 7

    Links for the day

  18. Intimidation Against Nitrux Development Team Upsets the Community and Makes the Media Less Trustworthy

    Nitrux is being criticised for being “very unappealing”; but a look behind the scenes reveals an angry reviewer (habitual mouthpiece of the Linux Foundation and Linux foes) trying to intimidate Nitrux developers, who are unpaid volunteers rather than “corporate” developers

  19. Links 31/01/2023: GNOME 44 Wallpapers and Alpha

    Links for the day

  20. Free and Open Source Software Developers' European Meeting (FOSDEM) and KU Leuven Boosting Americans and Cancellers of the Father of Free Software

    The Free Software Foundation (FSF) and its founder, Richard M. Stallman (RMS), along with the SFLC one might add, have been under a siege by the trademark-abusing FSFE and SFC; Belgium helps legitimise the ‘fakes’

  21. Techrights in the Next 5 or 10 Years

    Now that I’m free from the shackles of a company (it deteriorated a lot after grabbing Gates Foundation money under an NDA) the site Techrights can flourish and become more active

  22. 60 Days of Articles About Sirius 'Open Source' and the Long Road Ahead

    The Sirius ‘Open Source’ series ended after 60 days (parts published every day except the day my SSD died completely and very suddenly); the video above explains what’s to come and what lessons can be learned from the 21-year collective experience (my wife and I; work periods combined) in a company that still claims, in vain, to be “Open Source”

  23. IRC Proceedings: Monday, January 30, 2023

    IRC logs for Monday, January 30, 2023

  24. Taking Techrights to the Next Level in 2023

    I've reached a state of "closure" when it comes to my employer (almost 12 years for me, 9+ years for my wife); expect Techrights to become more active than ever before and belatedly publish important articles, based on longstanding investigations that take a lot of effort

  25. The ISO Delusion: When the Employer Doesn’t Realise That Outsourcing Clients' Passwords to LassPass After Security Breaches Is a Terrible Idea

    The mentality or the general mindset at Sirius ‘Open Source’ was not compatible with that of security conscientiousness and it seemed abundantly clear that paper mills (e.g. ISO certification) cannot compensate for that

  26. Links 30/01/2023: Plasma Mobile 23.01 and GNU Taler 0.9.1

    Links for the day

  27. EPO Management Isn't Listening to Staff, It's Just Trying to Divide and Demoralise the Staff Instead

    “On 18 January 2023,” the staff representatives tell European Patent Office (EPO) colleagues, “the staff representation met with the administration in a Working Group on the project “Bringing Teams Together”. It was the first meeting since the departure of PD General Administration and the radical changes made to the project. We voiced the major concerns of staff, the organization chaos and unrest caused by the project among teams and made concrete proposals.”

  28. Links 30/01/2023: Coreboot 4.19 and Budgie 10.7

    Links for the day

  29. IRC Proceedings: Sunday, January 29, 2023

    IRC logs for Sunday, January 29, 2023

  30. [Meme] With Superheroes Like These...

    Ever since the new managers arrived the talent has fled the company that falsely credits itself with "Open Source"

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts