IT Professionals, Guilty

or if they’re clever they’ll go at the one looking to hide/protect something, a deterrent will draw the big boys, they love a challenge

What’s the most vulnerable to attack - is it phones and people clicking on links ?

It’s people. Clicking links, leaving passwords around, all sorts of stupid shit you wouldn’t believe. Not only that disgruntled people will go and give sensitive information for cash.

It’s practically impossible to keep them out technologically speaking because the real vulnerability is idiots

2 Likes

@Fulvio_From_Aughnacloy is after doing a serious job here to slow it down now they were making progress

The initial access is nearly always gained by one of two ways:

Brute forcing/credential stuffing exposed Remote Access servers
Phishing users and gathering credentials

1 Like

RDP has been hammered since all the working from home and brute forcing those is because numpties have passwords like P@ssword123 and LiamIsHome2018 :smiley:

1 Like

Is this what the HSE have been hit with?

Yes.

I’d love to know what the HSE IT estate is like. I’d suspect that they are still running a lot of XP and Win 7 systems.

1 Like

novell and win ME probably

They’d probably be grand if that was the case.

However, Mr Thomson said that the HSE’s initial assessment of the cyberattack is that it involves a ‘Zero Day’ attack. This means that there is a vulnerability in some hardware or software which would make the malware undetectable by conventional anti-virus or security software.

That would be very surprising and hard to arrive at that conclusion so quickly.

At least they had their priorities right spending €3.5 million on Teams and associated training

1 Like

Is that not standard for Friday afternoons?

2 Likes

looks like you were right and i wouldnt imagine that they did a lot of upgrading in the last 15 months either

In fairness the charges quoted in that are a pittance in the scheme of things:

Industry estimates put the cost at €50 per PC per year, doubling each year.

This could see the HSE stuck with a bill for €2.3m in 2020, rising again in 2021 if the outdated systems remain.

The big issue is those systems are so much more vulnerable to various exploits and tools that hackers run once they are on the network.

I’m trying to do a quick count of the Win. 7 and XP systems in our place. I’m at 14 on the XP count :nauseated_face: