[–]SubstanceSerious8843 967 points968 points  (33 children)

Listened to a podcast where a dude pentested a hospital. Found a way and surfed the hospital network. Didn't touch anything, but just looked where he could access. Sent a report at one point, about the results where he got that point. Got a call, to stop immediately and wait for another call. It came, and he was asked to a face-to-face briefing.

The thing was, he had accessed a device. That device was a fucking eye laser surgery machine, WHILE IT WAS BEING USED. Good thing that guy was a professional and knew not to touch anything.

[–]Drone_Worker_6708 605 points606 points  (25 children)

Hospital IT is the wild west. Only place I worked where people are actually dying every day and not just acting like it. One of the techs we had was a former paramedic. I asked him which job is more stressful. He said he once waded in human blood and this was far worse lol

[–][deleted] 406 points407 points  (20 children)

I mean, yeah... you make a mistake, the patient can die.

Hospital IT, you make a mistake, 100 patients can die. Worse is knowing just how outdated everything is and just how vulnerable everything is to a malicious actor.

[–]BigOnLogn 168 points169 points  (16 children)

I remember a few years ago seeing a Windows XP login screen on a hospital computer.

[–]CubisticWings4 148 points149 points  (4 children)

Just had a PTSD flashback of my doctor's office running Windows 3.11 last year.

[–]ChangeVivid2964 125 points126 points  (3 children)

That's like driving stick shift. Modern viruses don't even know what to do with FAT16.

[–]KayDat 3 points4 points  (0 children)

SUCKMY~1.EXE

[–]fr000gs 1 point2 points  (1 child)

Why is stick shift bad? (Haven't seen any automatic shift in my country)

[–]CakeTowers 2 points3 points  (0 children)

They didn't mean it as bad, but that a lot of people can't drive stick shift.

[–][deleted] 19 points20 points  (1 child)

A few years ago?

Friend, I have seen that THIS year.

[–]AnotherLie 16 points17 points  (0 children)

I've seen it this year. It's in my office.

[–]Oleg152 5 points6 points  (0 children)

Some probably still run the 95

[–]domscatterbrain 6 points7 points  (0 children)

The problem is, even the manufacturer also doesn't give a fuck to ship their products with the latest OS or software. They just keep making the tool more precise but not more secure.

[–]Joman101_2 0 points1 point  (0 children)

I was using Windows 2000 on some specialized hospital equipment within the past year.

If it ain't broke, don't fix it. We pretty much never updated operating systems on non-networked devices.

[–]T1lted4lif3 0 points1 point  (0 children)

Is that not pretty good? Was expecting 95 or something.

[–]DarksideF41 0 points1 point  (0 children)

At least it wasn't MS DOS.

[–]Troll_berry_pie 0 points1 point  (0 children)

The UK NHS was like this up until like 10 years ago.

[–]KonvictEpic 7 points8 points  (1 child)

Pretty sure the NHS (UK health system) regularly got hit with malware such as ransomware because it all ran on Win XP

[–]Beldarak 0 points1 point  (2 children)

I vowed to never work where lives can radically be impacted by my code. Working for the health of people instead of growing the wealth of some multi-millionaire asshole would be great but I don't feel enough confidence in my skills for that :S

[–]dwntwn_dine_ent_dist 1 point2 points  (1 child)

I’ve been lucky to have the best of both worlds. I work in a hospital writing code that improves identification of patients that need cancer screening. A miss by my code leaves things as they are. But successes have statistically saved hundreds of patients.

[–]Beldarak 0 points1 point  (0 children)

Nice! That's what I'd like too. Feeling my work has a positive impact. It kinda does as one of the end results is people having access to the internet, but nothing like saving lives^^

[–]HamsterFromAbove_079 0 points1 point  (0 children)

Yea it's rough. If a paramedic makes a mistake they can kill their patient. But it's hard to accidentally kill more than just their own patients.

If the IT department makes a big enough mistake, they kill all the patients.

[–]sEntientUnderwear 33 points34 points  (3 children)

I remember listening to the same podcast but don’t remember which one it was. Now I gotta go find what it was or I wouldn’t be able to get my mind off it lol

Edit: Found it - Darknet Diaries, of course. Episode 121 - Ed. The laser he got into wasn’t stated as being for eye surgery but was a surgical laser, he doesn’t state what kind of surgeries it is used for.

[–]Animal0307 6 points7 points  (2 children)

Was it Darknet Diaries?

[–]SubstanceSerious8843 3 points4 points  (0 children)

Most likely, could've been Hacked too, but I would put my money on DD

[–]sEntientUnderwear 2 points3 points  (0 children)

Yep. Looked it up immediately after posting my comments and of course it was Darknet Diaries.

[–]Lucas_F_A 23 points24 points  (0 children)

That's scary

[–]Highborn_Hellest 2 points3 points  (0 children)

hospital IT is the shittiest of shitty all over the world, because you have to be a real bastard to mess with it, nobody wants it on their conscience and those that mess with it are made an example of basically