Ransomware Scum — Out For Blood: NYBCe is Latest Victim
New York Blood Center Enterprises crippled by ransomware scrotes unknown.
Vampire “cyberterrorists” have sucked the life out of NYBCe, a nonprofit blood donation organization. Supplies to more than 400 hospitals are now at risk.
It’s no joke. In today’s SB Blogwatch, we’re full to the brim with righteous indignation.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Piano Piano Piano.
Bloody Hell
What’s the craic? Carly Page reports: US blood donation giant warns of disruption after ransomware attack
“Not yet known”
New York Blood Center (NYBC), one of the largest nonprofit blood centers in the United States, says it is experiencing service disruptions after being hit by a ransomware attack. [It] provides blood to over 200 hospitals in the northeast U.S. and transfusion-related medical services to over 500 hospitals nationally.
…
This comes as the NYBC declared a blood emergency last week after seeing a 30% drop in donations that the organization says has “crippled the region’s blood supply.” Donations of all blood types are urgently needed, with some types “dangerously low” in supply.
…
It’s not yet known who was behind the cyberattack and no major ransomware group has yet claimed credit for the intrusion. It’s also unclear whether any patient data was accessed as a result of the attack.
In fact, it’s bigger than NYBC. Jonathan Greig explains: Ransomware attack on New York Blood Center forces workarounds, drive cancellations
“More than 400 hospital”
New York Blood Center Enterprises said its team discovered suspicious activity … and third-party cybersecurity experts later confirmed it was a ransomware incident. … Founded in 1964, New York Blood Center Enterprises controls multiple blood-related entities, including New York Blood Center, Community Blood Center, Blood Bank of Delmarva, Innovative Blood Resources, Memorial Blood Centers, Nebraska Community Blood Bank, Rhode Island Blood Center, Connecticut Blood Center and others, according to its website.
…
[They] collect about 4,000 units of blood products each day and serve more than 400 hospitals across dozens of states. The ransomware attack is the latest in a string of cybersecurity incidents gravely impacting blood centers and pathology services in multiple countries.
Feeling a touch of déjà vu? Kristina Beek enumerates “A Never-Ending List:”
“Changes must be made”
Ransomware attacks have become a harsh reality in healthcare. … It’s not just reputational damage or financial strain, … it’s patients’ lives at stake.
…
Healthcare institutions offer a plethora of information and data types, ranging from medical records to financial details, and a variety of personally identifiable information. … And when threat actors do decide to breach these healthcare organizations’ networks, they steal this information.
…
Healthcare institutions have a known track record for their willingness to pay bad actors whatever’s necessary in order to get their patients the care they need. … Changes must be made to cybersecurity practices in the healthcare industry if patient care is going to prevail.
After all, cybercriminals gonna cybercrime, amirite? Wrong, says Throatwarbler Mangrove:
Cybercrime? … This is cyberterrorism.
…
It’s a real goddamn shame that the grim cyberpunk future of being able to kill hackers with Black ICE has not come to fruition. … The only fitting judgment would be using the perpetrators as perpetual bloodbags. Make them contribute blood for the rest of their lives to make up for the losses they’ve caused.
Ouch. But we do need to fix the infrastructure. u/BrocksNumberOne sounds slightly sarcastic:
Good thing we just removed all of the advisory boards and Biden’s EOs around hardening our infrastructure. IR folks will be eatin’ good for the next few years.
And we still don’t know whodunit. DissentDoe addresses the perps:
A personal message to whatever threat actor or ransomware group hit the New York Blood Center: You are endangering lives. And every day that goes by will put more lives at risk. Do the morally right thing and give them a decryptor now.
Some are blaming the victim. An_Old_Dog has this colorful metaphor:
While I don’t disagree with those excoriating the perpetrators, I don’t think those posters have looked at the situation carefully enough. Punishment is due to the executives—and everyone who agreed with those execs to make a critical-health system completely dependent upon an overarching, single point of failure.
…
If you dance upon the railway tracks long enough, you will eventually be struck.
Lest we forget, lives are at stake. This anonymous Redditor reminds us why you should care:
I’m a labor and delivery nurse. My last patient hemorrhaged and needed four units just to stabilize. Blood and blood products are so incredibly important.
What’s happening on the ground? NYBCe’s embattled PRs put a brave face on it:
We are still accepting blood donations, … but donation center activities and blood drives may need to be rescheduled. If we determine any donation appointments need to be rescheduled, we will let our donors know as quickly as possible.
…
Your support means everything to us. In the coming weeks, it may be necessary for us to do another push for more blood donations once we work through this challenge, and we will count on our community’s support. If you’re eligible, we encourage you to make a donation, and we appreciate your patience … as we work through this. Thank you for your support.
Meanwhile, seriously, EricB123 is seriously pissed:
Seriously? If I hear a corporate spokesperson say, “We take security very seriously,” just one more time, I’m going postal.
And Finally:
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.
Image sauce: Nosferatu—F.W. Murnau (public domain)
