

Batman

#152221 20-Sep-2014 10:34

http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11328395

 

Police are investigating after attempts were allegedly made to hack a nationwide patient database.

 

In an email obtained by the Otago Daily Times, Southern Primary Health Organisation clinical adviser Keith Abbott, of Dunedin, warned GPs and health organisations about the ''significant hacking attempt'' on September 9.

 

He said the hacker tried to gain access to DrInfo, which is used by health boards, including the Southern District Health Board, medical centres and GPs around the country.

 

''Starting at 11am on September 9, in one case continuously lasting for 12 hours, a single IP [internet protocol] address has made over 20 million attempts to guess the passwords of practices, PHOs and DHBs in New Zealand,'' Dr Abbott said.

Geektastic
#1132587 20-Sep-2014 10:39

It sounds pretty good that their system resisted that sort of concerted effort.







leaplae
#1132589 20-Sep-2014 10:43

Sure hope their systems blocked the IP after a few attempts - unless the 20 million attempts were after the IP was locked out.

Batman

#1132599 20-Sep-2014 10:51

yeah my first reaction was - after 3 attempts you do something - 20 million attempts! gosh



matisyahu
#1132608 20-Sep-2014 11:07

leaplae: Sure hope their systems blocked the IP after a few attempts - unless the 20 million attempts were after the IP was locked out.


I'm kind of disappointed that they didn't name the location of where their IP address is located.




"When the people are being beaten with a stick, they are not much happier if it is called 'the People's Stick'"


afe66
#1132632 20-Sep-2014 11:45

While the attempt was unsuccessful, this is why I will be opting out of the e record medical system.

Once access gained, search for people prescribed

Dolutegravir/abacavir/lamivudine 

Mifepristone

Peginterferon

Viagra

Etc.

A.





jarledb
#1132641 20-Sep-2014 12:06

leaplae: Sure hope their systems blocked the IP after a few attempts - unless the 20 million attempts were after the IP was locked out.


Those kind of attacks are usually distributed now. That means you get a whole bunch of bots (infected computers, usually running Windows), that try to brute force their way in. It's pretty common, for example it is pretty common for WordPress sites to see those kind of distributed brute force attacks.




Batman

#1132643 20-Sep-2014 12:09

Infected computers attacking a health site ... how apocalyptic!

leaplae
#1132685 20-Sep-2014 13:08

jarledb:
leaplae: Sure hope their systems blocked the IP after a few attempts - unless the 20 million attempts were after the IP was locked out.


Those kind of attacks are usually distributed now. That means you get a whole bunch of bots (infected computers, usually running Windows), that try to brute force their way in. It's pretty common, for example it is pretty common for WordPress sites to see those kind of distributed brute force attacks.


I know, but this one was from a single IP.
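
The lockout question in the exchange above, as an added example that is not part of the thread or of any system it mentions: a per-IP failure limit stops a single-source flood like the one reported, while a per-account limit is what catches the distributed case. The thresholds, class and function names, and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed policy values, not taken from the thread or from DrInfo.
WINDOW, IP_LIMIT, ACCOUNT_LIMIT = 300, 5, 10  # seconds, failures per IP, failures per account


class FailedLoginMonitor:
    """Sliding-window failure counters keyed by source IP and by account."""

    def __init__(self, window=WINDOW, ip_limit=IP_LIMIT, account_limit=ACCOUNT_LIMIT):
        self.window, self.ip_limit, self.account_limit = window, ip_limit, account_limit
        self.by_ip, self.by_account = defaultdict(deque), defaultdict(deque)
        self.blocked_ips, self.locked_accounts = set(), set()

    def _hit(self, bucket, ts):
        # Record one failure, then drop timestamps that have left the window.
        bucket.append(ts)
        while bucket and bucket[0] <= ts - self.window:
            bucket.popleft()
        return len(bucket)

    def record_failure(self, ts, ip, account):
        """Feed one failed login; return the actions it triggers."""
        if ip in self.blocked_ips:
            return ["dropped"]  # blocked source never reaches the password check
        actions = []
        if self._hit(self.by_ip[ip], ts) >= self.ip_limit:
            self.blocked_ips.add(ip)
            actions.append("block_ip")
        hits = self._hit(self.by_account[account], ts)
        if hits >= self.account_limit and account not in self.locked_accounts:
            self.locked_accounts.add(account)
            actions.append("lock_account")
        return actions


def replay(events, **policy):
    """Run (ts, ip, account) failures through a fresh monitor."""
    monitor = FailedLoginMonitor(**policy)
    dropped = sum("dropped" in monitor.record_failure(*e) for e in events)
    return monitor.blocked_ips, monitor.locked_accounts, dropped


# Constructed sample data: documentation-range IPs, made-up account names.
# One source, one guess per second, spread across 50 accounts:
single_source = [(t, "203.0.113.7", f"practice{t % 50}") for t in range(1000)]
# Twenty sources taking turns against one account, three guesses each:
distributed = [(r * 20 + i, f"198.51.100.{i + 1}", "dhb-admin")
               for r in range(3) for i in range(20)]
```

A hard per-account lock also lets an outsider lock real users out, so the per-account action is often a throttle or a second-factor prompt instead.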

hio77
#1132718 20-Sep-2014 14:10

kawaii:
leaplae: Sure hope their systems blocked the IP after a few attempts - unless the 20 million attempts were after the IP was locked out.


I'm kind of disappointed that they didn't name the location of where their IP address is located.


I'd expect this was proxied through an IP in another country...


Gotta be pretty stupid to do it while exposing your real IP!




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have. 


sir1963
#1132773 20-Sep-2014 17:10

afe66: While the attempt was unsuccessful, this is why I will be opting out of the e record medical system.

Once access gained, search for people prescribed

Dolutegravir/abacavir/lamivudine 

Mifepristone

Peginterferon

Viagra

Etc.

A.






That's nice...... but did you know that when you "opt-out" all your medical records are STILL put into the "cloud" along with everyone else's and they are simply marked as "inaccessible". Your records can NOT be removed or deleted.

Better yet, I opted out with medtech, but that information was never sent to my GP, and it was not easy for him to find where to opt me out.

The cloud goal also keeps changing, so what you believed was happening with your information can change at any stage on the whim of the ministry of health, they have no obligation to inform you of these changes, it is up to you to ask your GP (who is also not guaranteed to be informed).

Were you told that you had to opt out? The default is that everyone who is enrolled with a medical practice is opted in. In some cases you may also find that if you opt out you may lose all your health subsidies.


DarthKermit
#1132801 20-Sep-2014 17:38

joker97: http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11328395

Police are investigating after attempts were allegedly made to hack a nationwide patient database. In an email obtained by the Otago Daily Times, Southern Primary Health Organisation clinical adviser Keith Abbott, of Dunedin, warned GPs and health organisations about the ''significant hacking attempt'' on September 9. He said the hacker tried to gain access to DrInfo, which is used by health boards, including the Southern District Health Board, medical centres and GPs around the country. ''Starting at 11am on September 9, in one case continuously lasting for 12 hours, a single IP [internet protocol] address has made over 20 million attempts to guess the passwords of practices, PHOs and DHBs in New Zealand,'' Dr Abbott said.


Sorry about that, the Enter key on my keyboard was stuck.




Whatifthespacekeyhadneverbeeninvented?


 
 
 
 

Beccara
#1132829 20-Sep-2014 18:22

Hahaha I like how everyone is missing the point that this system was available outside of connected health




Most problems are the result of previous solutions...

All comments I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated

afe66
#1132841 20-Sep-2014 18:40

sir1963:


That's nice...... but did you know that when you "opt-out" all your medical records are STILL put into the "cloud" along with everyone else's and they are simply marked as "inaccessible". Your records can NOT be removed or deleted.

Better yet, I opted out with medtech, but that information was never sent to my GP, and it was not easy for him to find where to opt me out.

The cloud goal also keeps changing, so what you believed was happening with your information can change at any stage on the whim of the ministry of health, they have no obligation to inform you of these changes, it is up to you to ask your GP (who is also not guaranteed to be informed).

Were you told that you had to opt out? The default is that everyone who is enrolled with a medical practice is opted in. In some cases you may also find that if you opt out you may lose all your health subsidies.




I attended the presentation/push for the proposed electronic records system last year.

I expressed my cynicism at the time about their faith in system security having seen it at work in hospitals. Didn't stop Jessie Ridders radiology records being accessed. Sure they knew who it was because they used their own login details which was stupid.

Questions about security of information being stored overseas were met with rolled eyes.

Yes, I know you had to opt out. I was at the presentation.

My eyes rolled at the "limited access" to these records to trusted people... So doctors, nurses, district nurses, practice nurses, pharmacist, physiotherapy, midwife, occupational therapists, SLT ...all those passwords, all those PCs being left on...

A.


Kyanar
#1132895 20-Sep-2014 20:31

Beccara: Hahaha I like how everyone is missing the point that this system was available outside of connected health


Agreed.  There's a giant private WAN link available to healthcare organisations for the sole purpose of making this kind of system available to authorised users.  The problem is that some practices are too cheap to connect in, so all too many systems have to be made available on the public internet.  The MoH really needs to strangle (financially, and maybe literally) any provider who refuses to link to Connected Health.

Beccara
#1132901 20-Sep-2014 20:48

I don't blame them given how bad HealthLink are to deal with



