[LINK] Hacking of medical records

tomk tomk at unwired.com.au
Wed Dec 12 16:32:39 AEDT 2012


On 12/12/2012 2:28 p.m., Glen Turner wrote:
> On 11/12/2012, at 8:01 PM, David Boxall <david.boxall at hunterlink.net.au> wrote:
>
>> On 11/12/2012 2:19 PM, Tom Worthington wrote:
>>> ABC Radio South East is going to interview me at 8:46am Wednesday, about
>>> the hacking of medical records. According to the report "hackers" have
>>> demanded $4,000 to restore the records of a medical centre:
>>> http://www.abc.net.au/news/2012-12-10/hackers-target-gold-coast-medical-centre/4418676
>>> ...
>> OK, they were hacked and the records encrypted. Bummer!
>>
>> Were those the only records? No backups?
> ABC News Radio had an interview, and the person seemed to have an understanding of IT.
>
> The interviewed person said there were backups. However these were to a disk which was online at the time of the hack, so the backups were deleted.
>
> It seems to have been quite a comprehensive job at preventing data recovery (eg, files weren't only deleted, but also overwritten). It's fair to say that this sort of "ransomware" attack hadn't been considered by them when considering their security exposure.
>
> It's also fair to say that offsite backups would have ameliorated the situation. That's easier than most small business people think it is. USB hard disks are a great medium, storage places like Kennards are more than happy to follow a set procedure for rotating the offsite storage, and a taxi will easily bring the disk to and from your door.
>


Dear Glen....
It's easy to point the finger from atop our ivory retirement castles but 
are off-site backups really quite so easy to organise?
Last year, when I asked my local (Sydney) Kennards to organise a wooden 
packing case and to forward some stored goods - they pointed me at a 
copy of the Yellow Pages and suggested Grace Bros removals. (This was 
for less than half a cubic metre and I was offering to pay whatever they 
wanted......)

The majority of Sydney Taxi drivers today - can barely read the UBD the 
right way up and those that can, have difficulty with the volume control 
on the GPS (mainly because of the nice sitar type music in the 
background.. that they might miss if they turn the GPS volume up). (And 
I'm talking about the honest ones that allow the customers to see the GPS 
route... most hide the GPS in a non-customer viewable position....)

And pardon me, but would you entrust a 3G maximum shock device with 
someone that grew up in an area where bombs were constantly falling (and 
who probably has an extremely nervous dropsy type disposition)?
Lastly, please inform us as to which of the USB external hard-disk 
manufacturers you have found that have reliable products with solid 
after sales support? My bad experiences in customer service range from 
Western Digital to LaCie... and not one of the manufacturers warrants the 
data on the device.
Hitachi used to be good - but the Hungarian factory was moved to China - 
add Hitachi to the nonono list. (They shouldn't have laid off my 
Cousin.... Quality control went down dramatically after he stopped 
swearing at the packaging machine.... )
Seagate is a hit and miss with anything over 4200 rpm... although 
Samsung seem still relatively stable...

Hard disk companies these days deny all responsibility for what's on the 
disk. It's almost like car manufacturers saying, we guarantee that you 
won't be safe in our vehicles....
Nope - Backups these days are no longer a non-trivial exercise. They 
require at the minimum, cloud access through multiple VPNs with timed 
remote hard-disk shut down and start up. With the back up of the back up 
being the old - CTO placing back-up 6Tb raid array in briefcase every 
night just before he leaves the office... (That has spent all day 
synching changes in real-time...)

At least the semi-disposable $65.00 1 TB Officeworks hard disks are a 
small step up from a multi-volume 720Kb floppy MS-DOS (recovery) backup.
(Which is probably why Wine was written... just so people could use 600 
BPI Wangtek tapes to backup their MS-DOS VFS mounted partitions....)
If there's one thing I have learnt from almost 34 years in the computer 
industry... Multiple varied media backups always pay off eventually.

TomK




-- 
Remember, amateurs built the ark • Professionals built the Titanic



