Conficker Infecting Hospital Equipment

Conficker-mania peaked at the beginning of the month when the virus was supposed to start doing, well, something. With over ten million PCs infected, the Conficker worm was supposedly lying dormant awaiting further instructions. Both F-Secure and Sophos said that, although the Conficker worm will do something on April 1, triggering a global virus attack is highly unlikely. April 1 rolled around and sure enough, nothing of consequence happened.

According to a report in CNet (citing a security expert in a panel at the RSA security conference), the worm recently infected several hundred machines and critical medical equipment in an undisclosed number of hospitals. "It was not widespread, but it raises the awareness of what we would do if there were millions" of computers infected at hospitals or in critical infrastructure locations, director of the SANS Internet Storm Center and a former White House cybersecurity official, Marcus Sachs, told CNET News.

Alright, so there are already at least 10 million computers around the globe infected with the virus, however, this revelation sort of brings home just how much damage Conficker could do if it were to do anything other than just sit there and poll different domain names every day to download and run an update program.

However, while some of us may have been a little too flippant about the prospect of Conficker, others think the panic surrounding Conficker is a real problem. PCWorld quotes Shawn Henry, assistant director of the FBI's Cyber Division as saying the focus on Conficker has been "a bit of a problem for us as a society" because it redirects concern from the overall threat. "Public awareness is wonderful," Henry conceded, "but I'd like to see coverage of the entire threat vector."

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
19 comments
    Your comment
  • Why on earth is "critical medical equipment" running windows and not an embedded, secure operating system?
    9
  • Infecting hospital equipment? Thats just wrong...

    Why are these pieces of "Critical Equipment" hooked up to the internet in the first place or how on earth do they get infected?
    7
  • Critical can mean a number of things, I work for IT for a company that does tech support for ...probably hundreds of hospitals and medical practices. That's why this caught my eye.

    Anywho I'm not sure what the critical devices they're talking about are, but I know worst case scenario where I work, we'd have the stuff reimaged and ready to go in a matter of an hour or two, and barely anyone would notice.

    Critical for us means radiology imaging (PACS) nurse station workstations... these although critical, would not cause anyone to die or anything serious like that.

    Biomed equipment running embedded windows... perhaps... I don't know about that, not my department.
    4