I think there is fault on both sides. Can’t just punish the ransomware authors.
1) Security in healthcare is a shit show. If there are lots of open exploits, there needs to be a fast way for them to get fixed and the software vendors shamed on.
2) when someone discovers an exploit, they shouldn’t have to fight lawsuits. The response to security flaws should not be suppressing them but fixing them ASAP.
3) people shouldn’t have to lose lives to make a point that security is weak and you better pay up for disregarding it.
1) Security in healthcare is a shit show. If there are lots of open exploits, there needs to be a fast way for them to get fixed and the software vendors shamed on.
2) when someone discovers an exploit, they shouldn’t have to fight lawsuits. The response to security flaws should not be suppressing them but fixing them ASAP.
3) people shouldn’t have to lose lives to make a point that security is weak and you better pay up for disregarding it.