Sign in with
Sign up | Sign in

Conficker Infecting Hospital Equipment

By - Source: Tom's Hardware US | B 19 comments

The Conficker panic has largely subsided, however, recent reports about the virus infecting hospital equipment will probably be enough to get people all jacked up again.

Conficker-mania peaked at the beginning of the month when the virus was supposed to start doing, well, something. With over ten million PCs infected, the Conficker worm was supposedly lying dormant awaiting further instructions. Both F-Secure and Sophos said that, although the Conficker worm will do something on April 1, triggering a global virus attack is highly unlikely. April 1 rolled around and sure enough, nothing of consequence happened.

According to a report in CNet (citing a security expert in a panel at the RSA security conference), the worm recently infected several hundred machines and critical medical equipment in an undisclosed number of hospitals. "It was not widespread, but it raises the awareness of what we would do if there were millions" of computers infected at hospitals or in critical infrastructure locations, director of the SANS Internet Storm Center and a former White House cybersecurity official, Marcus Sachs, told CNET News.

Alright, so there are already at least 10 million computers around the globe infected with the virus, however, this revelation sort of brings home just how much damage Conficker could do if it were to do anything other than just sit there and poll different domain names every day to download and run an update program.

However, while some of us may have been a little too flippant about the prospect of Conficker, others think the panic surrounding Conficker is a real problem. PCWorld quotes Shawn Henry, assistant director of the FBI's Cyber Division as saying the focus on Conficker has been "a bit of a problem for us as a society" because it redirects concern from the overall threat. "Public awareness is wonderful," Henry conceded, "but I'd like to see coverage of the entire threat vector."

Display 19 Comments.
This thread is closed for comments
  • 9 Hide
    Anonymous , April 24, 2009 7:54 PM
    Why on earth is "critical medical equipment" running windows and not an embedded, secure operating system?
  • 7 Hide
    MrBradley , April 24, 2009 7:59 PM
    Infecting hospital equipment? Thats just wrong...

    Why are these pieces of "Critical Equipment" hooked up to the internet in the first place or how on earth do they get infected?
  • 4 Hide
    vgdarkstar , April 24, 2009 8:02 PM
    Critical can mean a number of things, I work for IT for a company that does tech support for ...probably hundreds of hospitals and medical practices. That's why this caught my eye.

    Anywho I'm not sure what the critical devices they're talking about are, but I know worst case scenario where I work, we'd have the stuff reimaged and ready to go in a matter of an hour or two, and barely anyone would notice.

    Critical for us means radiology imaging (PACS) nurse station workstations... these although critical, would not cause anyone to die or anything serious like that.

    Biomed equipment running embedded windows... perhaps... I don't know about that, not my department.
  • 2 Hide
    NoCaDrummer , April 24, 2009 8:03 PM
    I totally agree with Anonymous1138. The same question applies to military installations - WHY?
    I'd think that the relatively minor extra salary they might have to pay to have someone knowledgeable in 'nix (especially Linux) in-house would be easily offset by the money and time spent ferreting out viruses like this one, or having to wipe you PC with a "clean" install.
    But then, the anti-virus program providers wouldn't be making a bundle, would they? Nor would the guys who sell you the latest OS every couple of years, nor the guys who sell you the newest PC (with the latest OS) every four years....
  • -4 Hide
    jsloan , April 24, 2009 8:20 PM
    see why all these morons creating rootkits, ect are good for...
  • -1 Hide
    Shadow703793 , April 24, 2009 8:45 PM
    Anonymous1138Why on earth is "critical medical equipment" running windows and not an embedded, secure operating system?

    EXACTLY. These kind of systems need to be running Embedded Linux.
  • 0 Hide
    Anonymous , April 24, 2009 9:07 PM
    So here's an example. I work for a hospital and we have what are essentially medication vending machines in nursing units. These machines are running Windows. The machines themselves aren't on the Internet directly, however they can see the rest of the network, and much of it is on the Internet. I agree that this is bad and if it were up to me nothing important would run Windows. Unfortunately the IT departments often don't pick the products that are used within an organization. Why do developers keep picking Windows?
  • 3 Hide
    B-Unit , April 24, 2009 9:14 PM
    OK, I work front line support in a hospital, and belive me, the nurses, med techs, and doctors have enough problems using Windows, we don't need to confuse them further with Linux. As said, an infected machine can be neutralized and put back into production in less than 2 hours. No computer keeps people alive, thats what the staff is for. The PCs are only tools to simplify their job.
  • -4 Hide
    Anonymous , April 24, 2009 9:33 PM
    "embedded, secure operating system" -- What's that? Embedded Linux? Come on kids. Don't fool yourself. While more "secure" than Windows, Linux is definitely not "secure".
  • 2 Hide
    SAL-e , April 24, 2009 9:36 PM
    Propaganda, propaganda, and more brain washing! All those "news" are just happen to be released when new laws are crafted to give the government extended rights to spy on our networks and to control the Internet.
    Any one who really works on front line knows that the weakest link is the human not the computers and OSes.
  • 0 Hide
    Anonymous , April 25, 2009 1:34 AM
    I call BS, why on earth would critical medical equipment be running Windows, and for what? Windows isn't exactly ideal for any type of mechanical automation, I've rarely seen it used for that. Ever seen a USB defibrilator?
  • 0 Hide
    ossie , April 25, 2009 1:45 AM
    Anonymous1138Why on earth is "critical medical equipment" running windows and not an embedded, secure operating system?

    For corporate profits and politics. Also, "developers" love dumbed down environments, they can produce more expensive crap, much more faster and efficiently, with just a few mouse button clicks.
    Also, NSA (cornea & cochlea corp. = C3) and the likes wouldn't be too happy with some less known uncooperative OS.

    @SAL-e Since when did C3 bother with legal roadblocks? That's just for idiot box junkies. Governments don't need "rights" to spy, they just do it, because "yes we can".
  • 0 Hide
    eddieroolz , April 25, 2009 3:23 AM
    Wow, the irony in the title.
  • 0 Hide
    jhansonxi , April 25, 2009 5:19 AM
    NSARules"embedded, secure operating system" -- What's that? Embedded Linux? Come on kids. Don't fool yourself. While more "secure" than Windows, Linux is definitely not "secure".
    Depends on how it's configured. With SELinux and strong passwords it is pretty difficult to break without physical access to the machine. SELinux was developed by the NSA but I'm sure you already knew that.
  • -1 Hide
    RiotSniperX , April 25, 2009 2:39 PM
    MrBradleyInfecting hospital equipment? Thats just wrong...Why are these pieces of "Critical Equipment" hooked up to the internet in the first place or how on earth do they get infected?


    I 100% Agree, wtf do they need them connected to the internet, to play quake live? Wtf?
  • -1 Hide
    m3kt3k , April 25, 2009 5:54 PM
    Having a friend going to surgery this week for Cancer THIS IS FUCKING SCARY. They are using the new VanGoh machine. Its networked so people can operate remotly..........
  • 1 Hide
    superblahman123 , April 26, 2009 1:01 AM
    RiotSniperXI 100% Agree, wtf do they need them connected to the internet, to play quake live? Wtf?


    Keep in mind that it doesn't have to be connected directly to the internet. Follow the line: Internet, hospital computer, hospital network, hospital equipment monitored by network & remote access equipment such as med-flight. NOTHING on the network is safe.
  • 0 Hide
    techguy911 , April 26, 2009 10:48 PM
    I call BS on this conflicker hype and that's all it is, i have my own computer store on average i clean 10 machines a day min, i have yet to see one copy of conflicker.

    To catch conflicker you have to have the following conditions:

    1) no updates done to windows the update to block conflicker is almost a year old.
    2) Wide open network no firewalls how can a hospital have no firewalls that's hard to believe.
    3) Internal infected machines, the hospital would have had to have been infected by already infected internal machines.

    What was the hospital IT guy doing all machines would have not been updated for over a year that would leave huge security holes to allow hackers to view your medical records.

    While it is possible for this to happen they would have to have very poor security protocols and a really bad IT staff.
  • 0 Hide
    antilycus , April 27, 2009 6:15 PM
    security within computers is 100% impossible. An employee can always take your files (credit card numbers, SSN, address) and walk out of the buildilng with it. NOTHING can stop that