If a hospital can't operate because some asshole was able to remotely hack it bad enough to basically shut it down, we might need to rethink how things are run.
this post was submitted on 10 May 2024
4 points (100.0% liked)
Technology
59020 readers
4241 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
Happened in Germany recently. They could continue to operate since everything is still backed up in paper, but everything went slower and new emergency patients couldn't be accepted.
It is shocking that the digital level of the hospitals is still in the 70s.
It is about funding. The corners IT has to cut is because lack of money.
Also the amount of legacy operating system to keep hardware like scanners running is a lot. Medical devices are delivered with a workstation that never updates. It is hard to justify buying a new mri of 1.5 million when the accompanied workstation is outdated.
Sure you can vlan and firewall the hell out of it. But they still have a large attack surface.
The whole health care sector is capitalism and it should be government lead.
This keeps happening and has been happening for several years now; why isn’t more being done to improve security and find the criminals? I can’t walk into a hospital with so much as a pocket knife because of physical security concerns, but cybercriminals keep taking down a new system seemingly every week, and this article says the software used has been seen for years now.
The FBI et al. do try to find the guys. Arrests happen relatively frequently.
But security improvements don't happen because they cost money, and nobody is making them do it, though this is slowly changing.
When permitting security failures costs more than preventing, then companies will do something.
Can I sue a company for inadequate data protections if my data is breached? I assume I would have to prove damages, and maybe that becomes harder if I can’t tie the victimization to a specific breach. And probably the terms of service make it harder, like I might have to use arbitration and can’t join a class action suit.
Fixing the issue doesn't line the pockets of investors. People aren't going to stop going to the hospital, so why fix it?