I’d imagine it would be next to impossible in a sprawling operation like the HSE. Not technically impossible but organisationally they just wouldn’t have been set up to have security operations like that. Once they are in at all, the cunts know what to do to create as little noise as possible.
They spent 8 weeks skulking around and slowly moving up the food chain, and even when they raised alerts, they were ignored.
I’ve glanced through the report but they’ve redacted a lot of the nitty gritty technical details.
So even at that late stage they could have stopped it if they just did what they were supposed to? I presume the entire IT security team in the HSE have been fired? Lol
I’ve heard rumours that a comprehensive IT security system overhaul was presented to the board in the months before the attack and was rejected as being too costly.
The company that provided them with their anti-virus/security system must also have been doing some monitoring for them. They noticed the HSE team hadn’t been responding to threat alerts raised by its software and contacted them to tell them they needed to check it out.
The HSE response was to turn the servers off/on again, which is actually a terrible thing to do when responding to an incident.
The business I’m in myself has I’d say about 3,000 to 4000 accessing the network daily and it would be a small system with very few other external accesses to it, and there’s about 10 in the IT team. How the fuck could you securely manage the HSE with even the 30?
Was that 30 people to be assigned to dedicated Security Operations Centre (SOC) though? I’d imagine their actual IT department has 100s in it.
They have 130k staff.
Health care best practice is something like 1 ICT resource to 40 active IT users and spending 3.5% of your annual income on ICT.
I’ve no idea of their IT staff numbers but they were struggling to spend 1.5% of income on ICT up until 2017 anyway. I know Simon Harris put pressure on since then and some funding was freed up, and Covid and cyber will now bring it north of 2.5%.
HSE outsource all the Covid related stuff now and it’s a fuckfest with repeat notifications and ‘swift queue’ not patching in with Abtran or whoever is making the phone calls and I think there’s another third party banging out additional texts and they must be on piece rate bonus.
HSE need new leadership capable of driving the required reform, like yer man in the Phoenix Park, and I’m not talking about Michael D.