Conficker infected critical hospital equipment
"It was not widespread, but it raises the awareness of what we would do if there were millions" of computers infected at hospitals or in critical infrastructure locations, Marcus Sachs told CNET News.com after the session. Sachs is the director of the SANS Internet Storm Center and a former White House cybersecurity official.
It is unclear how the devices, which control things like heart monitors and MRI machines, and the PCs got infected, he said. The computers are older machines running Windows NT and Windows 2000 in a local area network that was not supposed to have access to the Internet; however, the network was connected to one that has direct Internet access, and so they were infected, he said.
The situation illustrates the dangers of connecting critical networks, like in hospitals and in SCADA (Supervisory Control and Data Acquisition) systems used by utilities and other critical infrastructure providers, with networks connected to the Internet, he said during the panel "Securing Critical Infrastructures: Infrastructure Exposed."
"We haven't found any nukes yet that are infected with Conficker or that are trying things like Twitter," he quipped. But "that is within the probable as we take shortcuts," he said.
"We're seeing a huge uptick in probing for SCADA systems," said Jerry Dixon, director of analysis and vice president of government relations at research firm Team Cymru. For years, the SCADA systems were separated from the public networks, but that's not the case anymore, he said.
Utilities move to remote access and other Internet-based technologies so workers can have access to the control systems when they are not at the plant and to cut costs, Sachs said. Workers have been known to access control systems using BlackBerrys for no reason other than that they can, he said.
Asked after the panel if cyberattacks had led to any utility outages, Michael Assante, chief security officer of the North American Electric Reliability Corporation (NERC), said "none in North America."
"There is no evidence of computer compromise that led to a disruption of service," he said. "We're not immune to it; it's not hypothetical."
Government officials maintained that an electricity blackout in 2003 in the northeastern United States was not caused by the Blaster Internet worm that was circulating at the time, as was suspected, but officials also were never able to reveal why it happened.
This article was first published on CNET News.
Talkback
And still there are people pushing Windows to areas other than gaming
Windoze is good for gaming, that's all.
Something as serious as hospital equipment needs a secure, reliable OS. One that has a UNIX basis.
InAction Man, 24th Apr 2009
Yawn
Well, are you sure your name is not really inActive Man?
As in it is easy to see what part of your anatomy is inactive
GuidingLight, 24th Apr 2009
I don't know...
I may actually agree with him...
The computers are older machines running Windows NT and Windows 2000 in a local area network that was not supposed to have access to the Internet, however, the network was connected to one that has direct Internet access and so they were infected, he said.
I mean, if you're going to let your systems go that long without patching, updating, apparently without an updated AV engine, AND connected to the internet... you might as well use something that no one wants to exploit, even if they could.
Badgered, 24th Apr 2009
That is a STRONG argument you bring to the table MisguindingLight
Would you care to debate? But please be more specific.
InAction Man, 24th Apr 2009
Inactive Man's posts are like an OLD Aerosmith song
It's the same old story
Same old song and dannnnnnce, my friend
It's the same old story
Same old story
Same old song and daaaaannnnnce yeah yeah
MGP2, 24th Apr 2009
It is easy to just say that they should have
put a *nix on them. That would have only been a viable option if the software running on them could be ported over to Linux or Unix.
At the very least they should have upgraded the computers to XP, if they could handle it, if not replaced them altogether.
I don't even run an OS that is no longer supported and patched by the manufacturer. So in this case running NT, I would have upgraded them, and kept current AV on them. Doesn't much matter if you're not connected to the net, if people are jacking disks and jump drives into the machine, at some point someone is going to bring something in.
xXSpeedzXx, 24th Apr 2009
Laser Hair Removal - Windows based.
Don't ask how I know...
ejhonda, 24th Apr 2009
Awesome MS Software!
It is so secure, stable and a great investment, meanwhile
in reality people's lives were at risk and look who is
to blame MS!
NO reason why a company cannot ditch this software and
MS Clowns for a real IT Solution Open_Source and
REAL Systems people...
Not the 'point & clickers'....
Christian_<><, 24th Apr 2009
MS is to blame!
As the worm used a vulnerability in Windows OS
to infect it.
So, is your position that every vendor is
responsible for the consequences if there are
bugs/vulnerabilities in their software?
If so, which OS are we supposed to run? OS X
has 3 times more vulnerabilities than Vista.
Linux kernel - without any apps or added
distro crap - has 2 times as many
vulnerabilities! Sustained over the last 3
years, at least! So what are we to do?
Windows Vista is *the* operating system with
most mechanisms in place to protect users
against exploits in MS and 3rd party software.
Linux has only limited protections which are
switched off in most distros anyway. OSX has
next to none. Should Microsoft learn from them?
Or should we blame someone who ran a 10 year
old OS without patching AND let the machines
connect to the Internet?
honeymonster, 24th Apr 2009
Uh, no.
It is so secure, stable and a great investment, meanwhile in reality people's lives were at risk and look who is to blame MS!
No, the person(s) to blame are the scum who are responsible for creating Conficker.
Hallowed are the Ori, 24th Apr 2009
Scum are OS agnostic.
They don't care who makes the operating system. Wherever they can make the most money is where they will strike. No matter who is in control the scum will always be there to make our lives more difficult.
kozmcrae, 24th Apr 2009
As everyone else in the windoze ecosystem they are trying to make a living
Many others in that ecosystem make a living exploiting users in more legal ways. I find their actions questionable too.
InAction Man, 24th Apr 2009
Grow up. (nt)
(nt)
bjbrock, 24th Apr 2009
Real -- like you?
You need to GET real. The hospital IT administrators should be HUNG for gross negligence.
Leaving obsolete, unpatched systems running medical equipment should be a criminal offense -- REGARDLESS of the operating system.
Unfortunately, there are just as many idiots running unpatched and insecure Linux systems -- check the number of open relays available to spammers to get a clue.
Marty R. Milette, 24th Apr 2009
Perhaps they needed the money to save some lives.
And forgot to hire non-medical personnel to take care of their troublesome Windows machines.
Perhaps they thought that the new imaging system was more important than replacing their well-functioning machines only to adopt Microsoft's latest and greatest for no reason.
Have you thought about it?
InAction Man, 24th Apr 2009