[LINK] Hacking of medical records
Glen Turner
gdt at gdt.id.au
Wed Dec 12 15:58:52 AEDT 2012
On 11/12/2012, at 8:01 PM, David Boxall <david.boxall at hunterlink.net.au> wrote:
> On 11/12/2012 2:19 PM, Tom Worthington wrote:
>> ABC Radio South East is going to interview me at 8:46am Wednesday, about
>> the hacking of medical records. According to the report "hackers" have
>> demanded $4,000 to restore the records of a medical centre:
>> http://www.abc.net.au/news/2012-12-10/hackers-target-gold-coast-medical-centre/4418676
>> ...
> OK, they were hacked and the records encrypted. Bummer!
>
> Were those the only records? No backups?
ABC News Radio had an interview, and the person seemed to have an understanding of IT.
The interviewed person said there were backups. However these were to a disk which was online at the time of the hack, so the backups were deleted.
It seems to have been quite a comprehensive job at preventing data recovery (eg, files weren't only deleted, but also overwritten). It's fair to say that this sort of "ransomware" attack hadn't been considered by them when considering their security exposure.
It's also fair to say that offsite backups would have ameliorated the situation. That's easier than most small business people think it is. USB hard disks are a great media, storage places like Kennards are more than happy to follow a set procedure for rotating the offsite storage, and a taxi will easily bring the disk to and from your door.
--
Glen Turner <http://www.gdt.id.au/~gdt/>
More information about the Link
mailing list