Slashdot Mirror


Ask Slashdot: Dealing With Unwanted But Official Security Probes?

An anonymous reader writes "I manage a few computers for an independent private medical practice connected to a hospital network. Recently I discovered repeated attempts to access these computers. After adjusting the firewall to drop connections from the attacking computers, I reported the presumed hacker IP to hospital IT. I was told that the activity was conducted by the hospital corporation for security purposes. The activity continues. It has included attempted fuzzing of a web server, buffer overrun attacks, attempts to access a protected database, attempts to get the password file, etc. The doctors want to maintain a relationship with the hospital and are worried that involving law enforcement would destroy the relationship. What would you advise the doctors to do next?"

2 of 238 comments

  1. Unless you are incompetent... by Anonymous Coward · Score: 0, Troll

    Unless you are incompetent, you have nothing to worry about. Just ignore them.

  2. Find someone with a clue to do your job. by BitZtream · Score: 0, Troll

    Seriously.

    What's the contract between the two firms say? Are they causing you harm? Are you just being uppity about log entries?

    The obvious answer to your question is that if you want to continue the relationship with the hospital, you will shut the fuck up and be happy they continue to outsource things to your firm.

    It's possible that they are doing something 'wrong', for various definitions of wrong, but the fact that you asked the question here, the way you phrased the question, and the information (or lack of) that you provided lets me know that you don't actually know if what they are doing is wrong even.

    I would advise the doctors to seek outside counsel by a qualified IT professional who can manage their network appropriately for the needs of medical facilities. Hell, you haven't even clarified if what they are doing is testing your HIPAA data security requirements or something other, which means you probably haven't even considered how HIPAA plays into this.

    Just because you can run a Linux box and configure iptables doesn't make you qualified to do IT everywhere.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager