Sign in. It’s quick, free and it’s up to you.
An account is an optional way to support the work we do. Find out more.
Last week, the Oireachtas Joint Committee on the Implementation of the Good Friday Agreement met to discuss the impact of the recent protests in Belfast on the local retail sector, which is costing the local economy at least £15 million (€17.7 million). Dublin Counsellor, Steve Wrenn says that riots can easily progress into a bigger problem, so in order to stem this issue there needs to be some give-and-take.
WE ARE NOW into the eighth week of Unionist rioting in Northern Ireland. It is estimated that over £15 million in revenue has been lost and many police officers have been hurt. Property has been destroyed on a nightly basis and Northern Ireland’s reputation, which it citizens and representatives have worked hard to establish since the Good Friday Agreement is suffering as a result.
Riots
The trigger for these riots was the decision to limit the display of the Union flag over City Hall. We saw how easily mass rioting broke out all over Los Angeles in 1992 and in France in 2005. We also saw mass rioting in England in 2011 catching the authorities off guard and bringing cities to a halt. All had triggers that resulted in large-scale public unrest. History has shown us that if these conflicts are not resolved quickly and fairly it can result in loss of life and large-scale destruction of property. Countries reputations can be effected for years resulting in tourism and their economy suffering also.
These riots and their beginnings in the flag issue indicate a new type of problem faced by the citizens, both private and public, of Northern Ireland. In the past, violence had its roots embedded in decades of dispute with all sides clinging to their grievances. In the past, differences arose due to inequality. Now, with the new more equal structures in place in Northern Ireland, it is vital that all involved look to a new solution to this situation, one that moves away from the jarring reminders of the past we have seen in recent weeks and forward to new methods of resolving the inevitable conflicts that arise in a new society.
Solutions
Riots by their very nature are difficult to police and the bigger the riot the harder it is for the police to arrest offenders and stop the disorder. I have no doubt that this is what makes rioters feel comfortable enough to keep engaged and returning to the streets of Belfast. The fact that these riots are occurring at the same time as an increase in activity involving criminals with Republican links in the Republic of Ireland adds an even more sinister element to them.
It goes without saying that both the rioting and the security threat posed by dissident republicans needs be resolved as hastily as possible in order to underline and emphasis the success of the peace process in Northern Ireland and the desire of the majority of the people living in Northern Ireland to continue to live in the peaceful fashion to which they are now accustomed.
Policing may be the only method available to control a riot but communication, compromise and the process of conflict resolution are the only methods that will bring the unrest to a close. Eventually, the rioters might disperse because of the weather or early morning raids by the police. Raids on the homes of the ringleaders will result in stiff fines and prison sentences that may end the current trouble. The worry for the future is that this might have brought a whole new generation of young people into a fight that they don’t fully understand or remember how it started.
Young protesters
Young people may be criminalised and potentially given a ‘badge of honour’ by their peers for their involvement in such behaviours. It is vital that we recall the lessons of our past and develop new strategies to ensure that this harmful cycle doesn’t start again. In the Republic of Ireland we have seen situations escalate out of control resulting in ongoing murders and several generations continuing feuds that become impossible to resolve. The families feuding in Limerick is a prime example of how generational violence and murder will continue, and serves as a reminder of how important it is to deal with smaller issues before the point of escalation.
Mediation is a perfect example of the type of intervention that has been used successfully in the past in communities and could be considered in this instance. It promotes ‘win-win’ outcomes, offers those involved the opportunity to express their issues in a comprehensive fashion and, most importantly, is very successful.
Coming from a mediation point of view, a way of preventing young people from both communities from engaging in rioting or sectarian violence could be to have them design a Northern Ireland Peace Flag. This flag could have, for example logos from both communities or incorporate colours from both the national flags. Schools, community based groups and other interested agencies could propose their designs and the people of Northern Ireland could choose their winner.
Peace flag
This flag could be flown over city hall and other controversial locations all year around. The peace flag could have huge significance for Northern Ireland and show the world once again that the people of Northern Ireland have refused to bow to violence and have decided to emerge from these recent difficulties a community that is stronger and more united than ever.
Another option that could be explored is the establishment of a “symbol commission” similar to that established by the British government in 1930 “to determine the rights and claims of Muslims and Jews in connection with the Western or Wailing Wall”. A commission such as this could have input into decisions such as those made regarding the flag and propose resolutions to prevent situations such as this arising again.
Steve Wrenn is a Labour Councillor for the Dublin North West Constituency. He is also the Peace Commissioner for the City of Dublin and surrounding counties.
To embed this post, copy the code below on your site
This is why staff training on this is so important. It only takes one click
@Edward Natali: think how much time and money could be saved with a few zoom courses on internet safety and spotting phising scams
@Edward Natali: Not sure if you are being sarcastic or not.
@Edward Natali: yes simple. Couple of zoom classes. Across 1000s of employees in the middle of a pandemic.
@Edward Natali: true, that being said, I wonder what standard of protection the HSE have. Didn’t they stil have Windows 7, which has many holes.
@Edward Natali: training on Info Sec is vital but that’s an extremely narrow view, systems need to be current, updated, backed up, and that’s just the beginning. It’s not just a single point of failure.
@Chris Byrne: windows 7 doesn’t have many holes and is still supported for businesses .
Besides which the hse shouldn’t have employees ahving access to unencrypted drives with a terabyte of customer info on it .
It’s just bad management
@Chris Byrne: Windows 7 or WIndows 10, the hack they deployed wouldn’t have made much of a difference. Even though Win 7 is out of support, MS will still provide security updates to customers that pay an additional yearly fee. It doesn’t matter if you have the best security systems, if someone inside invites the hackers in by clicking on a bad link it’s game on. Companies need to provide better training on how to avoid these scams.
@Chris Byrne: I can’t speak for the HSE and I’m making assumptions with this comment. If you have a very large organisation, with a great scope and variety of recorded data, that probably stretches back through older IT hardware and software systems……upgrading hardware and operating system software would take a long time and have to be still able to cope with some critical legacy applications and network elements. IBM itself suffered from being so big and having so many levels of management that decision making became problematic to implement quickly. There were 67 levels of management (I think) between the head of IBM and the newest junior employee.
@john s: company’s do this all the time, it doesn’t need to be a zoom class, it can be a presentation you watch and verify, then there’s phishing drinks as well. These make people more aware/suspicious of emails from unknown sources.
@Edward Natali: It’s far from clear if it was one click. The explanation in the article seems almost deliberately vague
@David A. Murray: I mean when IBM was at the height of its success in the early 1980′s. They had got that big and successful by cornering major parts of the IT/mainframe business. When change in the computer business became more rapid, IBM were ill-equipped to adapt.
@Edward Natali: you’ll have to explain abit more on staff training, because it’s really common sense to know if something looks legit or not.. but hey everything must be true if its on facebook
@sean o’dhubhghaill: lol click on the link to training moudule
Http:/ godhelpus / trainig
@Edward Natali: those pesky pishing scams
@sean o’dhubhghaill: Why would he be sarcastic. Theres any more things to be done, such as actually caring about keeping goverent I.T. infrastructure up to date, but it’s still surprising how many people belive scams that tell them to click on a link or pay money for support. Staff training would help with that
@Chris Byrne: Window XP or Windows 10. Doesn’t matter in this case.
@Edward Natali: they already were in the system and exfiltrated the data before showing the message.
@john s: yes, it would absolutely be simple, zoom can handle 1000+ participants… even during a pandemic it seems!
@David Kelly: That’s not always the case. I’ve seen some come thru our company that have a level of detail, that our cyber security guys have to really look at to confirm it’s a scam. These are targeted attempts, very specific to our company, not some random scattergun approach.
@Edward Natali: seriously you think a few zoom meetings are going to sort this?? The hse computers were not secure, they had outdated software, and a lone computer ? No such thing I would have thought in the network and no matter how many times you remind people not you click on links.. someone always does it.. distracted with work , talking to someone.. seriously unlucky.. we need to update everything and employ some of these hackers to help make systems safe again.. we also need them in our Dail.. our firewalls were not good ..
@Justin Fay: That’s not clear. The message could have just been on some dodgy site and the user clicked a link, downloaded and installed some software.
@Dawid Grzybowski: Using Zoom??? Zoom bombing was almost a national sport for a while!!
@Alan Byrne: it also depend on the type of access the user has.
@Mickety Dee: It is clear, how would they encrypt and download 700GB of data almost instantaneously? After clicking the user was brought to a chat where the ransom demand was made. It is public knowledge they were in the IT system for 2 weeks prior to making the demand. Bad reporting by the journal.
@Edward Natali: There are some basic ‘internet hygiene’ rules that so called staff training focus on: 1. Do you know the sender of a message? 2. Is the message expected (e.g. part of a previous telephone conversation)? 3. Is it coming from an known address? Has it passed through malware protection.
So I know of several instances where the answers would be:
1. Yes
2. Yes
3. Yes
4. 3 different protection systems.
Citing ‘staff training’ is glib.
And… one person does not have access to all the HSE systems that have reportedly been affected. the true nature of this incident will take some investigation.
@AJ McLaughlin:
Alas 10 years ago that may have been enough. But with the rise of cryptocurrencies that bad guys have financial incentive to build teams that can break anything – package it all into a toolkit that they can sell for equivalent of a 1000 bucks with complete impunity
@Edward Natali: I work for a major IT company here, and they send out face phishing emails at least once a month, if you get stung, you need to do a small training which fills you in on all types of attacks… The issue here is not the employee that’s for sure and people would be wise not to make any assumtions…. But this is the HSE we are talking about,
I genuinely feel sorry for this person right now they literally have the weight of the Health Service of Ireland on their shoulder and the Guilt that they are feeling must be completely unimaginable feeling that are responsible for sick people not been able to access the care that they need because of their unintentional actions and I genuinely hope that they get proper support and not vilified.
@Fi Wyse: 100% I would hate to think they are going to get in awful trouble for this.
@Fi Wyse: and reading your post will help with that.
@Fi Wyse: I agree. I hope their identity never reaches the public domain. It’s a mistake anyone could make, and if it hadn’t been them, it would have been someone else.
@Fi Wyse: not a very helpful or kind comment. It infers that they should feel guilty for the actions of a criminal gang??
Whoever the person is, they are not responsible and they should feel NO guilt
@Angela Lavin: no, Fi imagines that they would feel guilty and clearly says that she hopes the person isn’t vilified.
@Angela Lavin: I think that was the intention of @Fis comment, ie for the person who clicked on the link not to feel guilty about it and to get the support they need if they do feel guilty or stressed about it.
@Angela Lavin: I don’t think you understand my post.
@Fi Wyse: All this could easily have been avoided if the right systems were in place. The staff member is in no way responsible. The sham that is the hse is so incompetent that it doesn’t have security in place to avoid this situation.
@Fi Wyse: Given the HSE’s history of never accepting responsibility / liability when losing court cases and the multitude of mistakes and damage it has caused to people eg X case, Hospital trollies etc etc etc. It is the people who work in the HSE that are the HSE and we should all start holding those people accountable, not just 3 letters. She may have just tried to fix a computer but the real story is why weren’t systems previously backed up and protected. The Hackers are not the only ones in the wrong
@Fi Wyse: I agree 100 % a awful thing to happen but it could happen to anyone
@Barrycelona: she eh?!!! Couldn’t possibly have been a bloke then?!
@ZiggyS: it’s public sector
They’re grand
Nothing is going to happen to them
@ZiggyS: Why should they carry the can the HSE, Paul Reid and their computing services are to blame. Who the hell is still using windows 97. They are so out of touch that it was inevitable this was going to happen and is now going to continue as these criminals now know what crap systems we have. It should now be a priority that the Government invest heavily in making sure that all Computer systems are totally up to date and as far as possible be hacker proof. My comments are not toxic but literally point out the problem. Everything that is provided by the state is usually on a very thin shoestring which goes back years.
@Fi Wyse: the have not.. this is down to crap security by the hse computer systems.. in dire need of updating
@Fi Wyse: That employee only got the ransom notification. At that stage the hackers had already been through the system and downloaded patient data. Dont shoot the messenger
@Barrycelona: SHE????? Why not a HE?
@Barrycelona: that’s very close to “but what was she wearing?” style victim blaming.
@ZiggyS: Unless any sort of training was provided to avoid these type of scenarios then i doubt anyone has anything to worry about… What is alarming is that they seem to focusing on one single person like a scape goat… The issue here is no the employee but the whole IT system in general.
Was it the Nigerian Prince with pallets of cash to deposit in your account?
@Greg Ward: i was chatting to him yesterday. He was still looking to get sorted so don’t think so. Gave him my bank details to help him out. He was telling me that everyone just assumes he was a crook. I knew he was genuine when I saw his profile picture of himself outside his Palace….
@Enda Flaherty: I hope you have him your mother’s maiden name, often it’s handy to pass that on especially if you’ve a common name and they need to track you down to find you and pay you the reward.
@This time its personable!: actually that did come up. Really nice guy. So interested in my life. Even wanted to know my first pets name..!!!
@Enda Flaherty: aw isn’t that just lovely to hear, so much misinformation going about, goes to show you shouldn’t judge people who have random numbers and letters in their @gmail address!
@Greg Ward: comment of the night !!! Classic
@Greg Ward: George Agdgdgwngo, its all making sense now :
https://www.youtube.com/watch?v=R9biM_ZfIdo
This story seems doubtful. 700GB of data, including relational databases, accessible from a single computer with permission to overwrite with encrypted copies?
@Helpless In The Face Of Your Beauty: used as an entry point to access existing network access
@Helpless In The Face Of Your Beauty: My thoughts exactly. They’re really rolling out some absolute porky pies.
@Helpless In The Face Of Your Beauty: this is the hse , that’s the laziest way to do it .
The nhs recently had its vaccine database crash because it was just an excel sheet .
@Helpless In The Face Of Your Beauty: You’re aware of the internet, right? ;) You wrote this comment from a single computer to a website through encrypted traffic, saved it to a database, where it now shows to all the rest of us. Don’t underestimate the power of one compromised computer on a network..
@Seán O’Sullivan: that was Serco the private company hired to run testing in England and Wales.
@Helpless In The Face Of Your Beauty: under normal circumstances, that would sound crazy. But we don’t know what attack mechanisms they could have launched once they have access to one machine. Could be some RDP back door with an admin elevation hack that no normal user would unleash on their own.
@Helpless In The Face Of Your Beauty: agree with you.
@Helpless In The Face Of Your Beauty: well the journal got it from a trusted source so must be legit
@Helpless In The Face Of Your Beauty: There is plenty of information on the internet on how the Conti virus is planted and once it starts spreading from one infected machine to another it will soon come across an account with Administrator access, and then it uses the psexec command and RDP protocols to infect and access servers and other PC’s. There are a number of measures you could put in place to stop this but it makes administering a computer network more difficult. We need to invest more money in properly securing our critical IT systems. It can be done.
@Helpless In The Face Of Your Beauty: that’s exactly how it works. All they need is the smallest of gaps and they are in.
@Helpless In The Face Of Your Beauty: NotPetya in June/July 2017 disabled an entire country (Ukraine) and then wider across the world within a day from a single computer in an accountants office in Odessa. All it takes is one accidental or mistaken click on an unpatched computer and its a done deal.
@Mr Cylinical:
Still doesn’t ring true. Patients data is held on databases. Even is they could access the tables and copy it is highly likely it’s hashed, plus they’ve no presentation layer to decipher.
@Mr Cylinical: Bang on. Or even back doors most IT folk don’t know about.
@iohanx: You’re right about the presentation layer. I’ve had the dubious pleasure of trying to decipher even non-encrypted databases from legacy vendors and it isn’t straight forward (what does status=1 actually mean? Where do the keys and indexes actually lead to?). I suspect its file shares with plain old Word docs that is at issue. Particularly if its ‘only’ 700GB (although even that, if true, could be up to 9M individual docs) [lots of assumptions in that calculation]
Employee of the year contender surely
@Sam Murray: No, that went to Paul Reid. It’s all a popularity contest if you ask me.
@Sam Murray: Low blow- it can happen to anyone, also could have been an employee of an older generation. Not everyone is as tech savvy as you may think, especially those who havent grown up in this new digital world from birth.
@Sam Murray: could happen to anyone man, cop on, was hardly intentional on their part. 100% blame to the hackers who targeted a national health service
@Sam Murray: you are very cruel. The HSE computing services at fault here.
@Byrne Billy: they are a HSE employee ffs
Not some tech illiterate random granny
Everyone should get training on this stuff to spot dodgy mails.
That’s not rocket science by any means.
In fact it’s mainly being street wise with a 5 minute understanding of hyperlinks
What use is an injunction if the data is sold or accessed in another country. Surely the injunction has no basis outside Ireland
@Paul Dolan: It’s not much use internationally, but I’m sure there might be multiple companies here that wouldn’t mind seeing that data if it was accessible, private health insurance providers, car insurance, etc.
@Paul Dolan: useful to order the USA giant ITC to block the links on their searching engines as well as act immediately when a person request them to erasure of their personal data. With the other any person can request to these companies to remove the links from their searching engines. The herd protecting the community
@Alan Byrne: I doubt they’d be able to use it, pretty much impossible to find a lawful basis for processing it on several grounds. I doubt a local insurance conpany would take such risk.
@Claude Saulnier: Yes, it would be a risk, but still private data like this has a value and can be exploited.
@Maria Quinn: what?
@Paul Dolan: it does if the platform used to blackmail someone here , Facebook Instagram etc .. it becomes their problem
That’s not fair now to blame this poor person. Imagine how they feel ? If the hse had updated their systems then maybe this would not have happened. Not fair to blame one person come on.
@Emer Daly: Probably not so much to do with updating as with security levels. You can have a fully up-to-date system but if you have standard employees that can execute processes with admin authorisations then you have accidents waiting to happen.
@Emer Daly: they employees should not be doing any personal internet usage.I can’t believe they had no backup.
Sounds like the journal and/or their source have completely misunderstood whatever information was passed to them. What they are describing is a computer that’s already encrypted and the ‘link’ the user clicked contained the details on how to pay the ransom. The hackers were already in their network before this user clicked the infamous ‘link’ in their clickbait headline. No other news company is going with this story.
@dreiglaser: Exactly. It specifically says in the story that the hackers were in the network for some time before they learned of the attack. And thay also explicitly say that this employee was the one who was informed of the attack. A lot of people seem to be believe that just training people not to click on links is all we need to do. In fact the hackers may have gained access through a number of different routes.
@dreiglaser: Agree. Probably soon to attribute the ‘LinkGate’ tag to the whole debacle.
Promotion for that person in due course no doubt
@LaoisWeather: Bill Clinton did not touch that computer.
@John Sullivan: Maybe not Bill. But Hillary’s emails?
My goodness. What a shambles
@Anna Carr: The weakest link in any network is the human element. I was watching this thing on youtube about fake tech support just last week. A guy had hacked their network with a reverse tunel and got cctv audio from all the calls and got in contact with bbc a great watch. But this is exactly what they fell for Fake Tech-Suport.
@Stefan Epure: wow that’s incredible.
This reads like total gibberish. Terrible article.
Just goes to show how poor email server and cyber security protection is if this attack goes through firewalls and security screening. Shame on you HSE for not backing up your systems and testing BCP plans regularly. IT 101
@vanc: Eh? They did backup their systems and are currently restoring them from backups. No guarantee email was involved either.
@vanc: They have extensive backups for the important databases, if the infections goes back a couple of weeks as suspected they will not have lost much data compared to the amount of important historical data they have that they need to access.
@Mickety Dee: doesn’t take as they say “weeks” to restore only 700gb of data.
@Alan Byrne: if they contact me for money to stop my data being published I will pay them with all the money I have in my Monopoly set and throw in a hotel and railway station
@Edward Reid: No point in restoring if there is still malicious software present. I’d say they are rebuilding the servers from scratch to be sure they are clean
Whats the betting that the user had local admin rights on the PC they were using. Local admin rights are evil in the enterprise and should never be granted to end users.
IT security should be layered like an onion where a small mistake lower down doesn’t hose the whole network.
They should have implemented the principle of least access (where employees are only given the necessary permissions to carry out their work)
However if the malware did exploit a zero day, its game over.
Regular penetration testing by outside cyber security companies is required, such as fake phishing campaigns (which generates a report to IT on how many clicked the link) also include the classic dropping a few flash drives in the car park of the hospital to see who is careless enough to plug them into their PC.
@Allen Nicholson: I agree, and on the fake phishing tests, it’s amazing to see the people that fall for them, I’ve seen many IT support staff amongst them that should know better.
@Alan Byrne: In fairness some of them are well thought out and worded so as to think it might be relevant to you. I work in IT and clicked on one recently (in my defence, after a very long day!). It referenced something that I had been expecting a mail on and I had clicked it out of instinct before I actually read it. D’oh
People saying they should be getting phishing training I agree but don’t forget they are also using windows 7 ffs. Lost cause.
That person will probably get a promotion.
@Donal Hogan: Clearly you understand nothing about computers or hacking. This person was used to inform the HSE that the hackers were already in the system, likely for weeks or longer. He or she didn’t let them in.
It sounds like by the time they initiated communication that the damage was done, it wasn’t this one poor persons fault they just happened to get the demand.
@Bluechip78: The journal think they have a scoop but they’ve completely misunderstood what their source has told them
HSE is beyond a joke. Inefficiency and incompetency from top to bottom. Needs a major overhaul or else privatisation might be the way to go
@Hugh: Privatisation with the government paying everyones yearly subscription would probably be cheaper than what it currently costs us due to the ineffecient setup we are lumbered with.
@Hugh: Yeah right because privatised healthcare works so well and because no large private companies have ever been hacked. Hacking is a fact of life. Very large and sophisticated companies have been hacked including very sensitive areas of the US federal government. No company is necessarily immune to this. It has zero to do with ownership. The NHS was hacked some years ago should they be privatised as well? Take your ideology elsewhere.
Well that’s the problem with keeping staff working from home! It would not have happened if staff were working in the office. It’s time to get people back to working from office again .
@Heisen berg1: bs
@Heisen berg1: Nonsense comment
@Heisen berg1: Nothing what so ever to do with it.
@Heisen berg1: utter rubbish
If only the computer said ‘no’!
@John Caplis: it would have if they didn’t cancel Little Britain!
“Are you tired of not satisfying her, all can change with this pill..click here”
There are two new support system that were launched in the last 15 months, one is on line IT support the other around the new SAP payroll. The roll out of SAP has been very problematic with very little lead in time due to Covid. Its not hard to understand how some could hit a suggested support link if they were having issues,around either of the systems.
@Paul Murphy:
Surely the SAP payroll, internal emails, Admin, and patient records are on entirely separate fully protected circuits, to presumably cloud-based systems within the organisation, each requiring independent log ins.
An independent IT audit and Report on the findings may be required so that we all can learn from the attack.
@Rory J Leonard: cloud based…..in the HSE. Not a hope. Broadly, the public service is still almost exclusively based on premise. ICT Managers across the HSE have been clamouring for guidance from the OGCIO in regards to cloud usage and the prevailing wisdom is not to use it as its “not secure”. Many public service bodies are only beginning to look at cloud and they’re 5 years to late.
@Rory J Leonard: nope!
@Rory J Leonard: I cab log on to any PC in the HSE using my account once I select the correct domain. I have access to the systems that apply to me ie SAP, NIMS, but many users will have multiple access to various systems depend on their role. Everyone has access to email and that’s the only common denominator. I need access permission from an Admin to access certain folders on a system of different drives but on email could bring the whole thing tumbling down
They should have been sitting at their desk when clicking the link, would have saved them having to ‘reach out’, not good for your back.
Who scripts these articles?
I’d like to go on the record and say that allegations that the name of my first pet was ‘Rover’ are unfounded.
well my data has already been published as evidenced by third party criminals constantly calling me. I just block each number in turn and they stop. if we just don’t turn a hair whatever they do, their business model fails.
Typical blame game… If the right systems and backup were in place this could easily have been avoided. But now we must spend “millions to fix this”… Same old story, no one will accept responsibility.
Whats the betting that the user had local admin rights on the PC they were using. Local admin rights are evil in the enterprise and should never be granted to end users.
IT security should be layered like an onion where a small mistake lower down doesn’t hose the whole network.
They should have implemented the principle of least access (where employees are only given the necessary permissions to carry out their work)
However if the malware did exploit a zero day, its game over.
Regular penetration testing by outside cyber security companies is required, such as fake phishing campaigns (which generates a report to IT on how many clicked the link) also include the classic dropping a few flash drives in the car park of the hospital to see who is careless enough to plug them into their PC.
Never clicking a link again. My bad
Fake news as usual from the journal
@Noel Donohue: Indeed. It is well known and publicised (by Interpol, FBI, etc) that this was and is an outfit comprised of mostly Ukrainian hackers. Go figure.
At best this article seems like a misinterpretation of the information, and at worst is just speculation being passed off as fact.
If the employee followed instructions in a file already on their computer, that would suggest that some breach had already occurred, otherwise how would that instruction file have been on the computer in the first place…
Very disingenuous to state as fact that the ransomware attack ‘began’ when the employee followed these instructions.
Seems the Journal, and their source, have just enough information/knowledge on the subject to be dangerous.
@Jim Murphy: They have just enough information/knowledge to ensure you remain in the dark.
Where is the Russian ambassador?
Has he left for Moscow
@Patrick Guerin:
This event happened immediately after the” jews in palestine ” threw a hissy fit over our condemnation of their assault on the Palestinians which followed a deliberate series of provocations in Palestinian east Jerusalem and during friday prayers which was predictably responded to . Israel has form and skill in such attacks qv Iran.
Perhaps the Israeli ambassador is the one who should be expelled ?
I wonder was the hackers name DrZeroCraic who usual avenues of getting confidential information from the HSE have temporarily dried up???
People clearly didn’t read the article.
The employee who clicked on the link didn’t CAUSE the attack. They DISCOVERED the attack.
@Gerard: read again, in these types of attack when the user clicks on a link it downloads and execute a malware
I hear the employee’s name is Chandler and he clicked on an email with nude pictures of anna……..
This is exactly what they fell for https://www.youtube.com/watch?v=le71yVPh4uk
@Stefan Epure: Great expose video, thanks for that link.
@Stefan Epure: nice try, I’m not clicking that link
@Random_paddy: Do it Paddy, it will be me on the other end providing on-line support. I won’t charge much to fix your computer. I’m trying to earn a few bob here ;-)
@Random_paddy: yeah i should have, actually provided a little info on content. Its the begining of a series of videos and a documentary that i belive everyone should watch. It shows exactly how theese guys operate and scam anyone that falls of it. Most victims are vulnerable people that arent great with tech. Education is key to stoping this kind of activity.
Completely misleading article title! They had comprised the network some time before this communication started via the link click :/
@Marty Quish: I don’t think this makes much sense, why would the attackers create a link to communicate the hack if they had control of the system?
I’m not a conspiracy person, but I do think there’s more to it.
politicians never get in trouble when they do wrong or make a mistake.
This puts the HSE in a very bad situation if accurate. The ransom will be tiny in comparison to DPC fines, Possible European fines and litigation from citizens. It suggests a complete dereliction of duty.
Not sure what is worse the insistence in “it wasn’t the Americans” or the incredible explanation like people knew nothing about firewalls, security controls and filters in workplace computers.
The only way to pass the firewalls is by someone actually working on them within the organisation, again strongly pointing towards USA subcontractors. The only with a reason too, the High Court decision to keep our data in our Land.
Today the government has got the High Court permission to order to all those USA corporations to remove from their searching engines anything that facilitate finding the data stolen by the noisy neighbour.
@Maria Quinn: What on earth are you talking about.
@Alan Byrne: normal ITC security in workplace with sensitive information. A team filtering and blocking access to …. the version of the government is impossible unless someone from the ITC security opens the wall, the access. All it’s contracted to USA corporations. They’re the only ones with an interest and in the trusted position.
The problem with the scams phone calls is a security at servers level, physically according to them … again USA contractors and again the FB Vs DPC on behalf of the EU case …. FB lost therefore “our data in our Land”
@Maria Quinn: any person phoning to government and public services lines … got a phone back from the telecom servers managing the system from the scammers …. you need physically access to the telecom servers to do so
So the question is where are those servers and who are the subcontractor
Let’s make up stuff
Bleedin spanner
The spelling in this article is terrible.
it is not the staff member’s fault. the lack of adequate training/policies/procedures, and security awareness around the elaborate schemes on phishing/social engineering.
the blame lies fairly and squarely with the IT department management and in other management departments.
force the staff to go through a training sessions and learn to discriminate, “if in doubt of any suspect email with phishing attempts, forward to security at IT department” and mass circulate alerting everyone. it’s a two way thing. clearly not the case here.
I think we miss the point at times, I have given a cyber security class, people don’t intentionally click on bad links. The con men coax them into clicking on a link they think is fine. A lot of contentious people have been caught out. But on the flip side the security of the servers etc must be better to battle the virus if downloaded. And most importantly up to date software and hardware.
I was right.
Dr. Hook
We need your bank details Paddy
What an absolute muppet of an employee!
The work was done at that point.
Front end machines probably need be out of contact with public almost everywhere you can get to the ports at back and email still the greatest threat for everyone.
Fire that woman
This is confusing. Did the hackers gain access to the network when one employee was tricked into clicking a link? Or had the hackers already stolen the data and then started to communicate with the HSE by making one PC non functional and directing the HSE employee to clink a link to message with the hackers?
have your say