On 3/17/2020 1:54 PM, Dan White wrote:
On 03/17/20 14:38 -0400, Rich Kulawiec wrote:
On Tue, Mar 17, 2020 at 08:38:28AM -0700, Mike Bolitho wrote:
Anybody who works in the healthcare vertical will tell you just how
bad medical devices are to work with from an IT perspective.
Medical devices are appallingly bad to work with from an IT perspective.
They're designed and built to work in idealized environments that don't
exist, they make unduly optimistic assumptions, they completely fail to
account for hostile actors, and whenever possible they are gratuitously
incompatible to ensure vendor lock-in.
That's the good news. Here's the bad news: in about 2-3 weeks, when
our health care systems are stretched to the breaking point, there will
be a window of opportunity for adversaries to maximize the damage.
On a slightly tangential topic, we had a dictionary attack against
customer
voice accounts over night, presumably to implement toll fraud. We were in
the middle of working out work-from-home plans and were quite distracted
with other things. We managed to get on top of it quickly once someone
noticed.
Attackers taking advantage of this situation is a serious concern.
Dan, we're aware of another telco that ran into a similar fraud
situation last week. They stood up some more restrictive ACLs to combat
the fraud, but broke VoIP RTP in the process. 'Hit em while they're
occupied' type of attacks I guess should be expected right now. As my
grandmother would say: an ounce of prevention is worth a pound of cure.
