Slashdot Mirror

← Back to Stories (view on slashdot.org)

Virginia Health Database Held For Ransom

Posted by timothy on from the single-point-of-failure dept.

An anonymous reader writes "The Washington Post's Security Fix is reporting that hackers broke into servers at the Virginia health department that monitors prescription drug abuse and replaced the homepage with a ransom demand. The attackers claimed they had deleted the backups, and demanded $10 million for the return of prescription data on more than 8 million Virginians. Virginia isn't saying much about the attacks at the moment, except to acknowledge that they've involved the FBI, and that they've shut down e-mail and a whole mess of servers for the state department of health professionals. The Post piece credits Wikileaks as the source, which has a copy of the ransom note left behind by the attackers."

1 of 325 comments (clear)

  1. Re:Michigan by burnin1965 · · Score: 5, Interesting

    key members of the IT infrastructure were given instructions ahead of time to take the day off, not tell anyone they were told to take the day off and, best of all, not answer their phone or e-mail

    if someone's on call and doesn't answer their phone, you beat them with at bamboo cane a the next opportunity

    Actually it looks like the scenario was designed to show that management should be severely caned for using on-call support as a means of running an operation.

    Forcing employees to adhere to an on-call schedule is a bullshit method of saving on labor expenses by shifting the cost to the employee who is then forced to tailor their personal life to support their employer.

    For all you on-call sysadmins out there I have a bit of information for you. I've seen a semiconductor factory that runs 24/7 and the support departments always had a paid crew working 24/7 to support production. The on shift crew was always enough to maintain operations and respond to disasters, i.e. power outages and bumps that take equipment down. While this may sound like an expensive solution for 24/7 operations it is actually cheaper if properly implemented. One of the keys to success is spreading the support work load across the shifts. The benefit is also a faster response to issues rather than waiting on a pager response.

    And one last concept I'd like to plant, that Blackberry they give you to carry on your hip every waking hour of every day including your days off is not a perk. You may feel all geeky and important with your company paid geek status symbol but in reality its simply a corporate slave leash.