Conficker-mania peaked at the beginning of the month when the virus was supposed to start doing, well, something. With over ten million PCs infected, the Conficker worm was supposedly lying dormant awaiting further instructions. Both F-Secure and Sophos said that, although the Conficker worm will do something on April 1, triggering a global virus attack is highly unlikely. April 1 rolled around and sure enough, nothing of consequence happened.
According to a report in CNet (citing a security expert in a panel at the RSA security conference), the worm recently infected several hundred machines and critical medical equipment in an undisclosed number of hospitals. "It was not widespread, but it raises the awareness of what we would do if there were millions" of computers infected at hospitals or in critical infrastructure locations, director of the SANS Internet Storm Center and a former White House cybersecurity official, Marcus Sachs, told CNET News.
Alright, so there are already at least 10 million computers around the globe infected with the virus, however, this revelation sort of brings home just how much damage Conficker could do if it were to do anything other than just sit there and poll different domain names every day to download and run an update program.
However, while some of us may have been a little too flippant about the prospect of Conficker, others think the panic surrounding Conficker is a real problem. PCWorld quotes Shawn Henry, assistant director of the FBI's Cyber Division as saying the focus on Conficker has been "a bit of a problem for us as a society" because it redirects concern from the overall threat. "Public awareness is wonderful," Henry conceded, "but I'd like to see coverage of the entire threat vector."
Why are these pieces of "Critical Equipment" hooked up to the internet in the first place or how on earth do they get infected?
Anywho I'm not sure what the critical devices they're talking about are, but I know worst case scenario where I work, we'd have the stuff reimaged and ready to go in a matter of an hour or two, and barely anyone would notice.
Critical for us means radiology imaging (PACS) nurse station workstations... these although critical, would not cause anyone to die or anything serious like that.
Biomed equipment running embedded windows... perhaps... I don't know about that, not my department.
I'd think that the relatively minor extra salary they might have to pay to have someone knowledgeable in 'nix (especially Linux) in-house would be easily offset by the money and time spent ferreting out viruses like this one, or having to wipe you PC with a "clean" install.
But then, the anti-virus program providers wouldn't be making a bundle, would they? Nor would the guys who sell you the latest OS every couple of years, nor the guys who sell you the newest PC (with the latest OS) every four years....
Any one who really works on front line knows that the weakest link is the human not the computers and OSes.