The University of Mississippi Medical Center is suffering a major cyberattack. The phone lines and website are currently down. One source said all systems are down.The cyberattack began overnight. UMMC staff have been working on it since 2 AM. Another source said "More information will be posted when available.
Update: UMC issued the following statement.
Due to a cybersecurity attack, many UMMC IT systems are down, including access to our electronic medical records, Epic.Today, all UMMC clinic locations statewide are closed.Outpatient and ambulatory surgeries/procedures and imaging appointments are cancelled and will be rescheduled. Hospital services are continuing for our patients using downtime procedures.We apologize for this unexpected disruption, and we will provide further updates as information is available.
The shutdown includes Blair Batson Children's Hospital.
Singing River Health Systems was hit twice by cyberattacks in the last three years.
Update (10:10 AM): UMMC is sending employees home but in some cases, making them use their personal time.
34 comments:
They sent employees home, diverting to all other area hospitals, canceling all clinic appointments and non-emergency operations.
What an absolute joke.
Not to be overly dramatic, but this $#!+ is literally going to kill people. Baptist and St. D cannot handle significant diversion and they certainly can't handle level 1 trauma. There will be predictable consequences of badly delayed critical care. F@cking Russians.
Not a Joke at all... People don't realize just how fragile any system is now days, much less a hospital.
This is basically what's going to happen on The Pitt this season
8:57 - It's not a fucking joke. You have no idea how complex it is to harden infrastructure and maintain a security posture to keep this from happening. What a careless word to use. As one other commenter said, these types of attacks on medical system will inventible result in the deaths of people.
Heard from a friend that works there -- they are charting on paper, have no access to any electronic patient history records. Word is, it's a ransomware attack. He had no info on how much the cybercriminals are asking for.
You have no idea how complex it is to harden infrastructure and maintain a security posture to keep this from happening
You have no idea what I know. You sound like a government employee. Everything is too hard. You always have excuses.
Well said!
@ 9:19 “you sound like a government employee” sick burn. What does a government employee sound like? Educated?
it could have been something as simple as somebody opening the wrong email, or clicking the wrong link. doesn't matter how much security you have, if somebody opens the front or back door.
I heard it was 50 billion robux
It’s always funny when someone comments then immediately comments well said
cyberattacks are a constant threat. I use to work at the Dept of Ed and they had a digital screen hanging up in the office of technology and strategic services that displayed cyber attack attempts in real life
and it was constantly showing something.
My husband worked in IT at UMMC for years, now retired. He advocated for an internal EPIC system which could not be hacked from the outside for emergencies just like this (a redundant system that cannot be accessed externally), and maintenance of at least a few of the old technology film processors in case the e-system failed so old school x-rays and imaging could be printed in hard copy. He was shot down by the powers-that-be, told it was too expensive. Too bad.
Well COJ water won’t be an issue today & pray FBI gets all the investigators needed to solve this. This is dangerous for MS statewide in all of their facilities throughout the state!
While I’m sure you found that so impressive. It was likely just the global map from Honeynet.org which was a network of honeynets with telemetry to update the map whenever someone did a port scan or attempted to initiate an SSH connection. I bet it looked really impressive to an “educated” government IT worker who was absolutely clueless to what they were seeing.
Cyber Insurance has been being preached for years. If you run a business, you need to call your agent to discuss.
Well there will be no federal help thanks to Trump. And the state? Incompetent as ever. So good luck!
@8:57 some boomers here have no clue how complex modern computing and cyber attacks are lol
But we are spending trillions in Iran? Is that America first? And id say drink up but the state screwed that up! Maybe smoke a joint you bought off west street
we had one at DFA. They took control of our network/email. didn't affect critical systems but that alone was a massive headache
Let us layoff some more federal cyber workers while promoting Bitcoin as the future of finance!! Maybe our russian buddies and politicians can help fix the computer systems later.
We're still waiting for "Infrastructure week" that Trump promised in 2016.
Cyber attacks originating from other countries should be viewed as an act of war and treated as such.
Oh man it didn’t take long for the government worker democrats to chime in and blame Trump.
Look jr. Marxists, perhaps you all shouldn’t have wasted trillions on dark money NGOs laundering taxpayer cash through USAID funded cutout charities while kicking most of it back to the DNC for sustained election fraud and insider trading schemes. And let’s not forget all the “learing centers” and other democrat schemed taxpayer fraud for illegals.
Womp womp and boo fucking hoo!
What is a cyber attack? Is that like alien robots trying to take over the planet like they use to talk about on the old radio shows I listened to? Barefoot, of course. Couldn't afford shoes back in them there days.
Heads should roll at UMMC for this.
But I know they won’t.
I just hope for a speedy recovery for the sake of the patients.
Cyber Insurance requires regular security audits and penetration testing. You have to have competent cybersecurity staff and follow industry best practices. That requires hard work and might inconvenience the highly paid medical staff who “aren’t computer people” so it is highly doubtful they were doing much, if anything. And why should they? There will be absolutely zero repercussions for this!
10:23, You obviously weren't paying attention the last year, when the Trump Administration cut the workforce and funding to the Cybersecurity and Infrastructure Security Agency.
So here's some more recent news:
https://cyberscoop.com/trump-pulls-us-out-of-international-cyber-orgs/
Russia, China, Iran, and North Korea are the new Axis Powers.
Modern cyber attacks are very complex. Most are targeting human or machine identities as a way to get in the front door of an org without being noticed. Once in, they pivot to gain privileged access. This isn't necessarily an on prem vs cloud/SaaS issue. For ransomware, the best approach is strong backups that basically negate the impact since the data can be recovered.
It would be interesting to know what protections were in place. Do they have an inhouse SOC or outsource it? What cyber security tools were in place and what failed? Basically, what was the attack vector, how did they get in unnoticed, and what should have prevented/mitigated it?
TDS alert!
Lots of government workers on here while "on the clock."
First the TDS card, and now the Boomer card. Will the race card be next?
Post a Comment