Jackson Jambalaya

Mississippi - Remaining #1 for medical cyber attacks.

Terrible situation, but inquiring minds want to compare the crisis costs of the 3 national vendors to what it would have cost to harden their systems against cyberattacks at their leisure.

Is Mississippi still so far behind other states that they still do not know how to prevent this from happening?

@2:00pm Are you joking? This could quite literally happen to any institution in the world - and it is getting worse every day. Stop putting our state down for no reason.

Or use standard non-computerized landlines and pencils & paper.

Having lived through one of these with my employer, admittedly on a smaller scale, the impacts from a cyber attack remain for months, even if corrected and back on line today.

@1:58
Get a grip you foolish pleb! Mississippi IT state employees walk on water and perform miracles! They did nothing wrong! This could happen anywhere!

For everyone who does not work in the IT field... with all due respect, PLEASE shut up. You sound like idiots with your comments to us that are. No one is immune from a cyber attack.

This cyber hacking stuff sure is dangerous. Has Congress committed to passing common sense cyber crime laws? More laws=leas crime. Maybe we need to restrict the type of computers and computers programs that people have access to? Since criminals can weaponize computers, we need to restrict access to computers! Won’t somebody think of the children?

UMMC should’ve installed Gentoo.

I was born a hacker to two elite hacker parents. (mom was a Mac and dad was a PC) I literally wrote the book on hacking. (Printed in binary so you must compile it yourself)
My advice to everyone is to come together and support UMMC. There is nothing they could’ve done. Very few state employees working in IT have ever hacked so much as Polycom phone to play Doom. Very few of them could even compile and install Gentoo Linux. But they are human. Stop attacking them when they are at rock bottom. These are your neighbors. The bad guys are who you should direct your rage towards! Now I’m going to get back to hacking the Gibson.
❄️ Snowcrash out!

It is so angering. Incompetent leadership. Now they want to spend money on national vendors who are experts in "crisis cybersecurity hacked scenarios."

This is exactly the problem with having an all Emergency Medicine Vice Chancellor's office. All they know how to do is manage from a crisis, manage from an emergency. It is literally their training. React react. Versus strategize, invest, and plan.

Instead of spending the adequate amount of time and money and resources creating a strong and powerful cybersecurity posture within the institution over the 5-10 years, they ignored or put it at the bottom of the priority list because they do not understand.

And now all of our data exposed is the consequence. And now they reach out to the experts for the "crisis" and "emergency" because that is all these people have been trained to lead from.

1:58PM is correct. Crisis costs and the post crisis lawsuits due to their mishandling of their data will pale in comparison to what it would have cost to manage the importance of such important information correctly.

I remember when we had hard charts, didn’t have this problem then.

All the expensive firewalls, IPS, EDR and AV systems in the world can't stop the thirst for delicious BITCOINNNNNNN!!!! Sorry you plebs may have to reschedule your tonsil surgery, big daddy needs more BTC!

Unable to
Maintain
Minimum
Cybersecurity

What you really mean is all the “enterprise level” cyber security “tools” your dept. budget can afford wont help you if your cyber security team doesnt include a single competent hacker with a hackers instincts.

Walk through any hospital today and look around, every single nurse and aide is on their phone. And guess what they’re looking at? Tic toc dance videos, how to do your hair or makeup, twerking videos. For all the advancements in technology and medicine you were better take care of 40 years than today.

I hate this happened to the hospital. Hackers should get put under the jail. So many patients affected.

The hackers are in another country. Statutes mean nothing.

When every single member of the staff can click on the EPIk Suport Staf link embedded in an 'official' email sent to them...

Never fails to impress...the number of numbnuts who ooze out of the woodwork and show their lake of intelligence. Your degree of computer knowledge starts and stops with dungeons and dragons at mom's house.

AT&T got hacked. So I guess the IT department at UMC is incompetent like AT&T is incompetent.

Some of y'all need to simply shut up.

What is possibly taking so long??? When will we get answers???

I have heard of people getting texts from UMMC, Batson patients, addressed to their kids names telling them to respond. Nothing about this being reported as safe or hackers. Anyone know any update on this?

As was said in another thread on this site....someone opened the door and let the bad actors in by clicking a link or opening what looked like a document attached to the email. Who ever it was knows they did it and I would hope they fess up. I feel for the UMMC IT staff. They cant control the asses in the chairs.

Most organizations put off cybersecurity spending until after a major breach. The bean counters can't quantify ROI for that spending, so they don't support it. In a day when all anyone wants to tell their shareholders or their voters that they cut costs, increasing a cybersecurity budget becomes less of a priority.

But then something happens, and everyone wonders how and why.

Both private and public sector organizations are getting hit. There are thousands of threat actors overseas who spend 10 hours a day trying to break into systems, never mind the millions of automated hack attempts coming from their server farms. UMMC was probably seeing a billion attempts on its network a month. Only ONE of those attempts had to be successful for this to happen.

Cybersecurity *has to be funded* to protect Americans from overseas criminals. And the finance people at companies, state agencies, hospitals, etc., need to start seeing the lack of a breech as the best return on investment you can hope for.

"Lake" of intelligence, indeed.

If you can't hack it get out of the IT business.

Last night’s episode of The Pitt ended with this exact thing happening!

AT&T got hacked. So I guess the IT department at UMC is incompetent like AT&T is incompetent.

The difference is the incompetent people at AT&T got fired. That doesn’t happen in government. But it should.

There is a special place in hell for hackers.

Wait till Artificial Intelligence (AI) start hacking hospitals. What a sight to see.

@7:01 - AT&T is VERY incompetent. They couldn't even keep my copper landline phone on.

Further, https://www.wjtv.com/news/politics/mississippi-politics/agencies-not-following-cybersecurity-rules-state-auditor/

"AT&T got hacked. So I guess the IT department at UMC is incompetent like AT&T is incompetent."

Goodness gracious! I hope not. If so, every single sumbitch who has so much as touched the "IT department" at UMC needs to be summarily shit-canned. AT&T incompetence is its whole special and unique style, and hopefully, even Bluejeans Bobby would support a vaccine for it. Well, assuming anyone could develop one.

Nobody should snooze on the emergency medicine comments….

“Or use standard non-computerized landlines and pencils & paper.”

Yeah, let’s all roll the calendar back 40 years, so you can be middle-aged again.

Do you see all those ads for Norton LifeLock and Norton VPN? They were hacked not that long ago. And they are supposed to be among the best at cybersecurity. It can happen to anyone.

After a cyberattack bringing in experts like UMMC has done is standard practice. It means they are doing what is necessary to recover and prevent future breaches.

Bet it's a coverup to destroy a million TBs of data related billing/funding that ain't kosher. Never waste a crisis.

If bitcoin were outlawed, would this type of hacking continue to exist?

I am told they did not listen to people who told them their systems were vulnerable and had holes in it. I have cancer and cannot imagine what those patients are going through. The doctors are behind on national protocols for care and now u introduce the patient to more chaos. Wow! I am so blessed to be able to get care outside this backward state. I pray for all those affected. Their care has been compromised again.

@7:56
God Bless you and good luck.
I grew up in Mississippi and now live abroad. I am receiving cancer treatment at a Chinese hospital in Singapore. My oncologist is a brilliant Chinese lady in her early 30s. Best care I have ever experienced in my entire life. Her English accent tells me she may lived in Australia. They are giving me a gene therapy too. No chemo and no radiation. All at a fraction of the cost it would be in America. China is light years ahead of Mississippi.

All you government IT “workers” (most of the time you barely work) sure do get defensive when the target is on the mark!

Bingo!!! 'healthcare' is a business, a commodity like buying a car ... people do not understand doctors now days only do what a computer tells them to do.

If the hackers read this, I’ll give then $20 if they delete my billing records with UMMC.

You would think an institution such as UMMC would declare "Disaster Status" move to a hot site, restore and fight the fire at home until recovery is achieved. Of course, the bad actors could have infiltrated days, weeks or months back. Years even to insure backups were corrupt and a fall back path was moot.

If bitcoin was outlawed, only outlaws would have them.

@ "'Or use standard non-computerized landlines and pencils & paper.'

Yeah, let’s all roll the calendar back 40 years, so you can be middle-aged again."

...Ignoring the fact that those actually work and never crash. Little weenie can't stand doing anything not involving a screen and a machine telling you what to do. Probably tries to build a fence with a cell phone.

Again, likely on purpose to cover tracks.

Get over yourself computer nerd.....the "attack" was likely on purpose to cover something up, or to justify getting more funding for a new system. "We the People" will never know.

UMMC was knowlingly putting people on ventilators and cramming them their parking garage to get $45,000 per during Covid. If anyone thinks UMMC gives a shit about actual patient care as their prime directive, they're imbeciles.

This would be the basic call to action any competent IT director would make. And you are correct that the bad actors were likely in there for months. The incompetence is glaring when you realize they have likely been in for months and nobody noticed. None of the expensive enterprise level cybersecurity defenses caught a thing. And since they didn’t have a single competent cybersecurity analyst (who isn’t entirely reliant on their cybersecurity dashboard tools) they got caught asleep behind the wheel, with their pants down, going 90 MPH toward a cliff.

Please provide a motive for this attack?

@9:33 AM

I am not sure if you are serious or being facetious.

However, news wonks may be aware that South Korea recently impeached their president to and then indicted and arrested him for corruption. During this time their government data center burned to the ground, including their backup tapes, losing all records of the massive widespread government corruption. My point is, what you are saying is not completely unheard of.

If they went to old school pen/paper records then computers wouldn't be needed. Without computers the employees wouldn't be able to surf the web during work hours and email friends. Oh my.

Never let it be said that the trolls are not imaginative.

Where do these so called non-computerized landlines still exist? Do you reaaluy think any UMMC employee under 45 has actually been trained and checked out on pencils and paper? smh boomer

Some people think AWS and Musk building data centers in MS are going to create all sorts of high-tech jobs. Whether it will or it won't, those companies sure as shit won't be raiding any local IT departments for talent.

If you are from MS and want a job with them, you better get hired by some company in Austin or SV right quick like. Aw, heck, what am I saying? If you had the skills to be in those kind of places, you'd have already been there for at least 5 years by now.

Oh, well, at least the existing MS IT jobs are safe. Until someone invents some magical computer thingamabob that can do as good a "high-tech" job as a pack of Ritalin-addled 5-year-old rugrats having a mudpie party with the family china. About the only STEM stuff most around here are interested in is medicinal weed and until that changes, we'll keep getting the same-ol' shit from the same-ol' malactors.