🗣 Rob Rosenberger Profile picture
Jul 1 19 tweets 12 min read
Monthly reminder that I study today's global medical PANdemIC through the lens of many past computer virus panics. Click the "panic button" to read more!
twitter.com/i/events/12437…
1/18
Yesterday was #NickoSilar's birthday. Our industry spouts an #UrbanLegend that she died in a hospital #ransomware attack … yet the truth is a bit complicated for our collective reductionist beliefs.

Let's study the facts surrounding this baby's tragic death, shall we? Image
2/18
First, I need to caveat my role in this sad affair. I offer my expertise pro bono to the law firm representing the attending physician who delivered #NickoSilar on that fateful day. My specific goal is to protect Dr. Parnell from Springhill Medical Center's legal team.
3/18
I must admit it proved no easy task to pick Dr. Parnell over Nicko Silar's mother who, in truth, needs no expertise I can offer.

Maybe help Springhill Medical Center's CISO? Nope: SMC has already thrown Dr. Parnell under the bus to protect themselves & their CISO.
4/18
Let's begin by exploring the #UrbanLegend our industry propagates. It comes up in discussions about hospital #ransomware murders when someone (on Twitter it's usually me) asks for an obituary.

Except #NickoSilar isn't the first to be identified. It's a *different*…
5/18
#UrbanLegend about a woman in Germany who died in a hospital #ransomware attack.

Of course I'm fully prepared to dispel that urban legend as you can see in the example reply below. Then, and only then, does the debate shift to #NickoSilar.
6/18
Of course I'm fully prepared to dispel that #UrbanLegend, too, as you can see in the example reply below.

At this point various debaters will delete their own tweets and the conversation ends (as you can see in my example replies):
7/18
Okay, so we know the #UrbanLegend surrounding #NickoSilar's "death by #ransomware." It's time for facts.

Here's the TL;DR:

Wall Street Journal investigative reporter Kevin Poulsen et al. picked up the story 1½ years AFTER the baby died.
web.archive.org/web/2021100100…
8/18
That's it. That's the only fact you need to know.

Nobody in cybersecurity knew of this baby's birth for 2¼ years, nor of her death for 1½ years. We learned about it *only* because the wheels of justice finally moved along barely enough for us to detect it.
9/18
That's all you need to know for now, because that's all Kevin Poulsen has written on Twitter. He hasn't used both "hospital" and "ransomware" in a tweet since his #NickoSilar story dated 30 September 2021. Nor has he tweeted about Nicko Silar since.
10/18
I agree with anyone who feels the cybersecurity community has "matured" since the #antivirus industry coalesced in 1988.

Yet it's true that in 2022, our community still adores a good #UrbanLegend. To this day we don't need facts to claim deaths!
11/18
You'll find any number of experts who believe hospital deaths increased by some (infinitesimal?) value since the 2017 NHS #ransomware attack. In the words of Josh Corman: "a cyberattack can strain you enough to contribute to excess deaths."
12/18
I agree with experts who believe #ransomware stresses doctors & nurses. I've not contested the CISA statistical analysis Josh Corman cites.

AND

I believe stress from COVID politics had a bigger impact on hospital staff than #ransomware.
13/18
(I notice Corman used the word "strain," not "stress." It hints at perhaps a greater #ransomware problem in U.S. hospitals than we know. If this is true, it may be simply be the *hospital* industry is statistically blind to the true scope of their problem.) 😬
14/18
Let's face reality: if a pregnant woman rolls into a Texas ER for an emergency abortion, the staff won't pause to fret "what if #ransomware strikes as we struggle to decide who lives and who dies?" They'll feel a different, more "supreme" stress.
15/18
(Actually, the staff may overlook an old woman who comes in griping how Alka Seltzer didn't quench her heartburn. She drops dead while the staff focuses on the pregnant woman. But hey, at least the old lady didn't die from a #ransomware attack!)
nytimes.com/2022/05/09/wel…
16/18
Let's recap: no one in cybersecurity knew about #NickoSilar until 1½ years after her death certificate was filed and she was buried. The coroner didn't identify her cause of death as #ransomware nor a #cyber attack nor anything of that nature.
17/18
Yesterday was #NickoSilar's birthday. Yet across all of Twitter, only I cherished her memory. That … is a sad fact.

Especially given all the belated hoopla our cybersecurity community delivered in the form of an #UrbanLegend.

PS: 🤨
Image
18/18
I'll close this thread on a salient quote from Josh Corman: "Lots of prior exaggeration and crying wolf about the wrong things exhausted people for when clear and critical thinking is required."

Truer words were never spoken, Josh.

@threadreaderapp please unroll

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with 🗣 Rob Rosenberger

🗣 Rob Rosenberger Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @vmyths

Jun 26
This thread pays homage to every woman by name in the U.S. who got arrested by state police because she installed a period tracking app on her cell phone:

0.

Remember this when somebody tells you to "delete any period tracking apps you use!" #ASCII46
28K retweets for this hysterical advice to delete period tracker apps because state police can now haul women off to menstrual concentration camps
If you followed #hysterical advice to delete your period tracking app--

--you must also leave your phone in the car when you visit the DMV. It doesn't matter which state b/c they all provide "interloping database access" to other states.

Bored in the DMV? A small price to pay!
Read 9 tweets
Jun 20
1/17
Many of us have a #cybersecurity horror story about "an employee who got fired as a precaution, only later for the firm to realize their mistake, but HR just wished them thoughts & prayers because they couldn't bear to face up to their hasty firing assumptions."
2/17
We in cybersecurity insist we operate on data, facts, and logic.

But the truth is we love a good #ConspiracyTheory, and right now it's all about BSides Cleveland.

You'll find any number of people, e.g. @MalwareTechBlog, who believe whats-his-name had inside help.
3/17
Hutchins is invested in his theory and has put his money where his mouth is. Me, I'm risking $500 just to prove a point I made in the mid-1980s:

"That we never should have kicked Airman Snuffy out of the Air Force 'as a precaution'!"

I want @robtlee and @RobertMLee to...
Read 19 tweets
Jun 20
Exactly, sir!

Let's talk a "Cybersecurity No Fly List."

Ostensibly, I placed a $500 bet with Marcus Hutchins at 2:1 w/ the payout going to charity because I'm half-confident many of you jumped to the wrong conclusion about BSides Cleveland.

Realistically, though...
...I placed the bet because I worry our industry will create a "Cybersecurity No Fly List" (CNFL).

We'll do it hastily. We won't think it out properly.

And then we'll have the equivalent of a U.S. "No Fly" list.

Our very own #doxx list for cybersecurity can...
...easily expand from a simple .xls of organizers / venues / speakers / attendees who ooze toxicity.

One day you look down and the CNFL says "ban anyone from Russia. Reason: CISA ThreatKB 202209110842 marked LEO-sensitive. Until: further notice."

The next day you...
Read 14 tweets
Feb 27
To all my "OG" readers:

Let's take a step back in time to 1996.

I sit across from Rob T. Lee on the 609th Information Warfare Squadron operations floor. He's my crew commander; I'm his crew chief.

Lee knows I run "the Computer Virus Myths home page," which has grown so...
...popular that it's eating up all my free time. In December of that year the Ziff-Davis publishing empire will crown CVMhp "the world's #1 most useful website."

Trivia: Lee corrected a web page I wrote where I talked about Start Trek spaceship orbits!
Fact: Lee's career path toward AFOSI began when I formulated a plan to "lateral move" him off the ops floor. Trivia: I *almost* finagled DoD to attend the FOR508 class he authored with him on podium!

What I'm saying is, Lee & I have a career-long history:
Read 14 tweets
Feb 21
@taco_x86 @threadreaderapp Not yet.

Let me begin by recognizing that more than one person has yelled at me for RT'ing a debate re: cyber where I feel my followers should see both sides of the issue. Generally speaking: they don't want me to highlight our public conversation. I'm always like "WTFO?"
@taco_x86 "OG" readers like you know I view cyber from a similar perspective as #Doctrine_Man and #Mother_of_Tanks -- just two of many whom I've pissed off for QT'ing their tweets to reveal how insanely out-of-whack our industry's perception of #cyberwar really is.

Yet as a critic...
@taco_x86 ...I'm compelled to QT an abundant crop of tweets on crime & warfare to help us understand how cyber will fit into it.

I dare to ask philosophical questions, or to make what our industry would call a "valid" assumption, that makes no sense whatsoever to the person I'm QT'ing.
Read 6 tweets
Feb 21
@taco_x86 As a matter of fact I do! You're an "OG" CVMhp / Vmyths reader; you'll probably remember the column where I explained my Bacon Number to Roger Ebert is exactly 1:
@taco_x86 I continued conversing w/ Roger Ebert on CompuServe in the '80s & '90s. After his tirade re: "Highlander 2," I emailed him to explain how it broke the timeline for the sword Ramírez wielded. "Another reason to hate the movie," he replied! [paraphrased]
en.wikipedia.org/wiki/Highlande…
@taco_x86 The original "CVMhp" website followed a ... loose interpretation of what it means to be a critic.

Things changed in 1999 when Denise's career took her to Iowa. "As a consolation, why don't you take CVMhp to a new level? Make it profitable."

As if I needed a consolation prize 😃
Read 10 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(