Top | |
Newsletter 01/20/2023 |
Back to Contents |
The Empire State Strikes Back
On January 15, 2023, The New York Post published an article entitled, "NY
lawmakers vow to tackle cyber hack attacks against hospitals, schools."
That's right, folks. We got trouble right here in River
City. Indeed,
The Empire State intends on Striking Back against
those nefarious 21st century Pirates of the Deep Web, The
Hackers. The group, One Brooklyn Health, was hit by the attack in late November, officials confirmed. Now, even as cybersecurity experts work to get its three hospitals fully back online, doctors and nurses are forced to rely on methods most hospitals left behind in the 1990s: pen-and-paper patient care.
It was the forced reliance on analogue systems
that hospital staff were never trained
to use which contributed greatly to the cascading failures resulting in
the death of Baby Nicko Silar. It’s time “to view these types of attacks, ransomware attacks on hospitals, as threat-to-life crimes, not financial crimes,” said John Riggi, the national adviser for cybersecurity and risk at the American Hospital Association. Ransomware attacks — in which hackers encrypt networks and demand payment to unlock them — have been some of the most common strikes against medical facilities.
So in rides the Legislative Cavalry to save the day — well sorta. As
was reported in the NY Post article cited above: "State
senators who oversee homeland security and technology are considering
holding hearings on cybersecurity ransomware threats this year."
Well,
bless their little pea pickin hearts. Let me
forecast what some of the facts that these stalwart people's representatives
will likely be forced to encounter and come to grips with. For those keeping score at
home, a term to learn here is
Remote Access. Schools manage more than enough money to capture the attention of cyber criminals, to say nothing of the value of the data they hold. While most cyber criminals couldn’t care less about students’ algebra grades, it turns out that the identity information of minors is especially valuable to criminals interested in perpetrating credit and tax fraud. And, given that other kinds of organizations which may have more money or more valuable data tend to be much better protected, schools represent an attractive target for some criminal groups.
When the lawmakers consider new
proposals in order to improve the cyber security of New York's
schools, who will the legislators hold responsible for any breaches? In
an era an of multiple pandemics who will be held
responsible for any ensuing cyberattack that is traced back to when a teacher phoned in a lesson from her cellphone over
Zoom? Once again, for those keeping score at home, I refer to
the list of CVE's that have plagued Zoom.
[ed. pun intended]
Are ill children going to be chastised for their remote learning
sessions platformed on the same notebook that the student goes a TikTokin on?
What how about all the admonitions for teachers to use email today?
Teachers today are encouraged to use email for any number of usual
teacher activities. From
sending lesson plans to
communication with parents, teachers utilize email
today as much as in any other profession. Along with all the ensuing risks
to networks that
email portends. I wish The Empire State Good Luck and Godspeed in its worthwhile attempt to grasp some understanding of these devastating issues of hacking in general and, specifically, ransomware. I am sure their investigations, and any resulting efforts, are all well intentioned. Nonetheless, NY doesn't need to spend any taxpayers money to get to the bottom of things. Simply peruse all of the great body of information readily available for anyone to read, digest, and come to a better understanding of this incredibly complicated issue. What Empire State legislators will learn, if a thorough and unbiased investigation is made, is what Walt Kelly told us over 50 years ago:
Walt Kelly source: https://library.osu.edu/site/40stories/2020/01/05/we-have-met-the-enemy/
|
¯\_(ツ)_/¯ |
Gerald Reiff |
Back to Top | ← previous post | next post → |