Subj : hackers targeting hospitals
To   : All
From : August Abolins
Date : Wed May 06 2020 06:48 pm

Hello!

https://krebsonsecurity.com/2020/05/europes-largest-private-hospital- 
operator-fresenius-hit-by-ransomware/

==[begin]==

06 May 20
Europe's Largest Private Hospital Operator Fresenius Hit by Ransomware

Fresenius, Europe's largest private hospital operator and a major provider
of dialysis products and services that are in such high demand thanks to
the COVID-19 pandemic, has been hit in a ransomware cyber attack on its
technology systems.

==[end===


The article doesn't report HOW the ransomeware got triggered.

But if it was by some cleverly disguised email/link originally in an  
employee's email, why can't the outbound email servers be configured to  
only allow valid domains? ..and thus sending the bogus ones to the bit  
bucket.

WRT Email: Employees at places of work like the article describes,  
shouldn't even have access to email other than to company-related  
addresses.

WRT WWW: An employee shouldn't even be able to access links that are  
designed to be phish-bait.

Can't a company's local servers simply block all www domains except the  
ones approved?

Eg. People at work don't need to access Facebook or expose company  
computers to malicious sites.

  ../|ug

--- OpenXP 5.0.43
 * Origin:  (2:221/1.58)

.