TVTropes Now available in the app store!
Open

Follow TV Tropes

Following

Hospital server hacked for CoD:BO (or, why gamers have a horrible rep)

Go To

KylerThatch literary masochist Since: Jan, 2001
literary masochist
#51: Jan 16th 2011 at 7:31:06 AM

For the benefit of the unenlightened, what is a day zero attack?

This "faculty lot" you speak of sounds like a place of great power...
Marioguy128 Geomancer from various galaxies Since: Jan, 2010
Geomancer
#52: Jan 16th 2011 at 7:37:24 AM

I'm just appalled at all this.

You got some dirt on you. Here's some more!
AttObl ... Since: Oct, 2010
...
#53: Jan 16th 2011 at 7:40:55 AM

The Other Wiki has you covered on Zero-day attacks.

edited 16th Jan '11 7:41:15 AM by AttObl

Shutdown sequence initiated.
Ana Since: Jan, 2001
#54: Jan 16th 2011 at 7:42:07 AM

Ninja'd, nvm.

edited 16th Jan '11 7:42:27 AM by Ana

MajorTom Since: Dec, 2009
#55: Jan 16th 2011 at 8:25:02 AM

@Kyler:

In a nutshell, a Day Zero Attack is exploiting a vulnerability that literally nobody knows about.

Ana Since: Jan, 2001
#56: Jan 16th 2011 at 9:35:42 AM

Well, not literally. If really no one knew about it they couldn't exploit it either. wink

And most vulnerabilities are known in advance in smaller circles but fly under the radar for quite some time.

Tzetze DUMB from a converted church in Venice, Italy Since: Jan, 2001
TheInferno |Y| = |X| Add 5 from probably on Earth Since: Jul, 2010
|Y| = |X| Add 5
#58: Jan 16th 2011 at 12:57:35 PM

Major Tom says what I tried to say much better than I did.

If a network is a castle under siege, then a zero-day attack is someone finding a hole in the wall nobody knew about and using it. There's no patch, no official fix, no barricade in the hole to keep people from getting in. I believe there are mailing lists by people (at least one's a government group) who report these things, let people compensate until a patch comes out.

"The fact that your food can be made into makeshift bombs alarms the Hell out of me, Scrye." - Charlatan
KSPAM PARTY PARTY PARTY I WANNA HAVE A PARTY from PARTY ROCK Since: Oct, 2009 Relationship Status: Giving love a bad name
PARTY PARTY PARTY I WANNA HAVE A PARTY
#59: Jan 16th 2011 at 1:01:01 PM

To the hackers: You went full-retard. You never go full-retard.

I've got new mythological machinery, and very handsome supernatural scenery. Goodfae: a mafia web serial
Nohbody "In distress", my ass. from Somewhere in Dixie Since: Jan, 2001 Relationship Status: Mu
"In distress", my ass.
#60: Jan 16th 2011 at 6:20:11 PM

While I'm not saying the hospital in question is blameless in this situation, ultimately it's the crackers  *

who broke into the system, and not by accident.

As far as I'm concerned, throw the book at them (whichever book applies, not sure off the top of my head).

And then use another book, on the subject of IT security, to whack the hospital's IT staff upside the head. tongue

All your safe space are belong to Trump
TheInferno |Y| = |X| Add 5 from probably on Earth Since: Jul, 2010
|Y| = |X| Add 5
#61: Jan 16th 2011 at 6:32:17 PM

[up]Pretty much.

"The fact that your food can be made into makeshift bombs alarms the Hell out of me, Scrye." - Charlatan
RocketDude Since: May, 2009
#62: Jan 16th 2011 at 8:51:11 PM

Do we know that it was done intentionally? After all, this might have been a freak accident.

Wicked223 from Death Star in the forest Since: Apr, 2009
#63: Jan 16th 2011 at 9:15:53 PM

Breaking into a private, secured server doesn't happen by accident.

You can't even write racist abuse in excrement on somebody's car without the politically correct brigade jumping down your throat!
Tzetze DUMB from a converted church in Venice, Italy Since: Jan, 2001
DUMB
#64: Jan 16th 2011 at 9:18:51 PM

No, but it is possible that they didn't know that it was a hospital server.

[1] This facsimile operated in part by synAC.
TheInferno |Y| = |X| Add 5 from probably on Earth Since: Jul, 2010
|Y| = |X| Add 5
#65: Jan 16th 2011 at 9:25:28 PM

...unless the security was virtually nil, I don't know how they couldn't. It's not like these things are sitting in the internet, waiting for someone to walk in. The server should have been behind a DMZ and firewalls, IDS/IPS devices, etc. Heck, the fact that they knew the IP Address of the hospital is weird, and they would have known who it was registered to when they looked it up.

Then again, I'm not as big an expert on network security I think I am, but still.

edited 16th Jan '11 9:26:30 PM by TheInferno

"The fact that your food can be made into makeshift bombs alarms the Hell out of me, Scrye." - Charlatan
Tzetze DUMB from a converted church in Venice, Italy Since: Jan, 2001
DUMB
#66: Jan 16th 2011 at 9:29:48 PM

No, they obviously intended to break into something, but if they were working on a low level, they could have not known that it was a hospital. Possibly.

[1] This facsimile operated in part by synAC.
TheInferno |Y| = |X| Add 5 from probably on Earth Since: Jul, 2010
|Y| = |X| Add 5
#67: Jan 16th 2011 at 9:32:43 PM

...I don't get it.

"The fact that your food can be made into makeshift bombs alarms the Hell out of me, Scrye." - Charlatan
Tzetze DUMB from a converted church in Venice, Italy Since: Jan, 2001
DUMB
#68: Jan 16th 2011 at 9:39:42 PM

Well, here's a scenario. They find about an exploit in the server software the hospital uses. Like Apache or something. To pick a target, they look up an Apache mailing list and pick a name at random, tracing their info back to the hospital website. Then they launch their exploit, which is probably a command line program. Bam, they're hacked in, without ever looking at a webpage or anything.

[1] This facsimile operated in part by synAC.
TheInferno |Y| = |X| Add 5 from probably on Earth Since: Jul, 2010
|Y| = |X| Add 5
#69: Jan 16th 2011 at 9:44:36 PM

Ah, I see. Like finding a master key for a certain brand of lock and then finding a place that uses that lock...

"The fact that your food can be made into makeshift bombs alarms the Hell out of me, Scrye." - Charlatan
RocketDude Since: May, 2009
#70: Jan 16th 2011 at 9:46:07 PM

Plus, if they were doing it intentionally, that would kinda imply they had the skills to do more damage than simply hosting a game of Call Of friggin' Duty.

^^Or that.

edited 16th Jan '11 9:46:36 PM by RocketDude

Tzetze DUMB from a converted church in Venice, Italy Since: Jan, 2001
DUMB
#71: Jan 16th 2011 at 9:47:06 PM

^^Yeah.

Mind, I don't know much about security either, I'd just rather concoct this sort of scenario than believe that somebody could disable a hospital in order to play a video game.

[1] This facsimile operated in part by synAC.
TheInferno |Y| = |X| Add 5 from probably on Earth Since: Jul, 2010
|Y| = |X| Add 5
#72: Jan 16th 2011 at 9:52:43 PM

People do some stupid crap. And they didn't say that they hadn't stolen the medical records, too.

"The fact that your food can be made into makeshift bombs alarms the Hell out of me, Scrye." - Charlatan
Tzetze DUMB from a converted church in Venice, Italy Since: Jan, 2001
DUMB
#73: Jan 16th 2011 at 9:56:25 PM

If the hackers wiped the records of their intrusion, which they probably did, the hospital probably can't tell ever.

[1] This facsimile operated in part by synAC.
Nohbody "In distress", my ass. from Somewhere in Dixie Since: Jan, 2001 Relationship Status: Mu
"In distress", my ass.
#74: Jan 17th 2011 at 2:44:47 AM

Yes, they were probably just running some script, and it's entirely possible that the hospital's FQDN  *

didn't even come up, just an IP address.

But they didn't just "accidentally" run the script. They deliberately ran a script/crack that was designed to break into systems over which they have no authority, and give them control (however limited) of the invaded server.

While one could make the argument that not all breaking into servers is necessarily immoral (but I won't, not interested in that conversation, not to mention it's way off topic for not only this thread, but this forum), IMO you'd need a pretty bent moral system to think it's acceptable to do so just for the sake of hosting an FPS game.

edited 17th Jan '11 2:53:44 AM by Nohbody

All your safe space are belong to Trump
Exploder Pretending to be human Since: Jan, 2001
Pretending to be human
#75: Jan 17th 2011 at 2:58:08 AM

Has there been any updates to the story? Accident, deliberate, whatever?


Total posts: 104
Top