Ransomware feared as IT 'issues' force Octapharma Plasma to close 150+ centers

Octapharma Plasma has blamed IT "network issues" for the ongoing closure of its 150-plus centers across the US. It's feared a ransomware infection may be the root cause of the medical firm's ailment. "All centers are experiencing network issues and are currently closed," according to a banner across the top of the company's …

  1. JustAnotherDistro

    Pretty clever

    Growing evidence that after the US authorities declared that healthcare was an especially important and vulnerable sector on which cyberwarfare would not be tolerated, the attackers understood exactly how valuable and vulnerable the sector was, and focused their efforts on it.

    I'm curious at what rate Russian, Chinese, and North Korean organizations, business and government entities included, are victimized by ransomware. Does anyone have any idea? What, pray tell, are we in the west to do about this--accept the ongoing losses as the price of open IT borders?

    1. elDog

      Guessing the ransomware knows not to attack its bosses in the Kremlin, Beijing, NORK

      There may be occasional lapses in IP mappings, etc. We call that "friendly fire."

      The biggest problem in the US, at least, is a totally wild-west capitalist system where the biggest Vulture Capitalist can buy multiple health-care facilities and strip them of any costly IT departments that may try to deter these attacks.

      I've witnessed two of my health-care providers in the little state of Vermont be rendered helpless by these attacks - in one case causing multi-week denial of services. These small (by international norms) organizations just don't have, and don't want to pay for, the resources to protect themselves.

      Pity the small practices/practitioners across this poor country (the US).

      1. Pascal Monett Silver badge

        Re: don't want to pay for, the resources to protect themselves

        Not a problem then. Those Vulture Capitalists will just have to continue paying the danegeld until they get fed up with doing so.

        Nothing educates like pain.

        1. parlei

          Re: don't want to pay for, the resources to protect themselves

          If it was just the vulture capitalists that got hit many would be tempted to cheer the crooks on. But what is at stake is patient data and medical organisations' ability to function.

    2. MachDiamond Silver badge

      Re: Pretty clever

      "What, pray tell, are we in the west to do about this"

      Make sure the executives of these companies are liable for prison time and serious fines if they've neglected their security efforts in pursuit of money. Otherwise, there isn't much a non-dictatorial government can do since they are likely even further behind the times when it comes to technology and they are mainly lawyers to begin with (Lawyer: A person with few useful skills. Politician: A primitive form of Lawyer.)

  2. An_Old_Dog Silver badge

    No BC, No DR, Yet Again

    This is yet another business/organisation with no business continuity or disaster recovery plans dealing with computer failure.

    Members of the board of directors who voted, lobbied, or maneuvered against formulating effective BC/DR plans should be held personally, financially responsible for this.

    Hoping (virtual) lightning doesn't strike is not to be considered an "effective BC/DR plan."

  3. t245t Silver badge

    BlackSuit ransomware infection vector

    How does BlackSuit initially get a foothold on the computers?

    1. Version 1.0 Silver badge

      Re: BlackSuit ransomware infection vector

      For years now companies have all been busy sharing data and access, both within the company and outside into the internet, an environment that makes one infection reach everyone.

      Creating the Internet was so helpful before malware was invented, but now we need to make some very big internal "access" changes to prevent malware access at this level.

      1. Cliffwilliams44 Silver badge

        Re: BlackSuit ransomware infection vector

        That, plus, as the article said, known Cisco vulnerabilities.

        A recent survey of mid-sized businesses in Europe revealed that a large share of them have known vulnerabilities (known to them) unpatched for various reasons, i.e. expired licenses, lack of technical knowledge, lack of resources to pay for that knowledge, refusal to allocate down time, or just fear that patching may cause extended down time. The same situation exists in the US as well, I am sure. I've worked for businesses that were like this. Back then it was not as critical as today.

        And the government is worse. To do business with the US government they "require" you to be CMMC compliant, I can assure you that the agencies you work with ARE NOT CMMC compliant.
