Healthcare is way too expensive, so expensive that you probably die helpless without insurance and with so many money they can’t buy few hard disks to make a nas for backups?
Why? Are they have put their prices on assessment and we didn’t see it?
The issue is not that they had no backups.
The article even specifically states the health care has good backups.
The trouble is paving and restoring a server and then restoring from backup.
This takes a serious amount of time.
Imagaine all you have is a data backup, now hand me your hard drive so I drill a hole in it.
How long will it take you to get your machine backup and running again?
Now tripple that for a server so you can wipe and rebuild the raid array and reconfigure windows, install your programs, restore from backup, and the amount of time you need for ONE computer multiply that for all the machines in teh hospital say one for every room and 4-5 for each nurses station. how much time is this??
Speaking from experience we are talking a day or two for each server, 2-4 hours per machine.
Say you have 100 patient rooms and 20 nurses stations, and 10 servers...
20 to 40 man hour days for the servers, 240 to 480 man hours for all the machines.
And you have to start with the network first, no computers can be up until you can confirm the network is clean, then no computers can be on until they are all wiped and reimaged.
We are talking MONTHS of work before everything is back to some semblance of normal and even then nothing will be the same as it was before no matter how hard you try.
Luckily with virtualization and good backups you cut this time down significantly if you are able to pinpoint the breach and fix it (not just location but time as well) maybe you can get back up faster and only drop (lose) a months worth of data.