XPost: alt.politics, alt.security, alt.fan.rush-limbaugh
XPost: alt.politics.republicans
https://www.dailymail.co.uk/health/article-13128257/life-saving-cancer-drugs-cyberattack-health-insurer.html
Patients across the country are still unable to access
potentially lifesaving medications a week on from a cyber
attack on America's largest health insurer.
UnitedHealth revealed its Change Healthcare unit - which
processes prescriptions to tens of thousands of pharmacies -
was compromised last Wednesday during a suspected
state-sponsored hack.
The hack led to the company's Optum software being taken
down, preventing pharmacies like CVS and Walgreens from
processing prescriptions with insurance.
As of today, some services are still down. Patients told
DailyMail.com that they have been denied medications for
blood clots, addiction, and cancer or been forced to pay
as much as seven times the normal cost after insurance.
Blackcat, also known as ALPHV, is a notorious ransomware
group that has targeted more than 1,000 computer networks,
according to the US Department of Justice.
The Justice Department said that Blackcat has become the
'second-most prolific ransomware-as-a-service variant in
the world based on the hundreds of millions of dollars
in ransoms paid by victims around the world.'
. . .
BlackCat is associated with the Russian govt.
Last year, it was suggested western govts had
neutralized BlackCat by nuking some servers.
Didn't work.
Other big corps have fallen victim over the past
few years.
BlackCat exploits log4/log4j/log4Shell to spread
itself laterally once inside a network. There are
tons of proposed 'fixes' - but apparently they do
not work worth a damn. Log4 is one of those kinda
hidden lower-level utility suites that make lots
of those convenient handy wunnderful web-page
tricks work. As such it cannot just be removed
or tons and tons of other stuff, esp 'container'-
based apps, suddenly stop working. Likely Russia
has spies within the very communities that try
to patch-up log4, so it knows in advance how to
get around said fixes.
Ya know though ... it's just AMAZING how many
giant tech and tech-dependent entities STILL
don't seem to keep regular quasi/totally-offline
BACKUPS of their systems and data. Ransomware
hits and they're SCREWED for long periods, or
maybe forever. In my little office we kept
weekly disk images of every box plus twice-daily
backups of the data ... and kept isolated local
and encrypted cloud sets. Was neither difficult
nor expensive, and all automatic, the users
didn't have to do anything. Not sure what my
successors have done since. So - what's up
with the big corps ???