Tassie health dept preps for malware stormfront
The DHHS has called for a vendor to provide an all-encompassing security solution to cover its approximately 4,400 desktop PCs, 150 Unix, Linux and Windows servers, in addition to tablet PCs, smart phones and e-mail and gateway systems.
Although DHHS currently runs Computer Associate's eTrust antivirus software, the department made it clear it needed a beefier solution.
"The nature, frequency and sophistication of the threats to connected networks are confounding traditional approaches," it wrote in tender documents released today.
"DHHS now wishes to broaden the scope of its traditional virus scanning approach to consider all likely channels and types of threat."
The organisation's IT support manager, Ben Terry, told ZDNet Australia the impending security rollout was all about preparing for the worst, particularly in terms of e-mail worms spread by rogue spammers.
"We haven't actually seen a malicious payload yet, one that's super-destructive -- for example one that deletes partition tables, or formats drives or something horrible like that," he said.
"So we've been fortunate, but that risk is there. Eventually someone will send something that is really terrible, something equivalent to bird flu, and if and when we get something like that, we'll suddenly realise the amount of effort we've put into this was not enough."
"That's the way I'm thinking about this. If you look at it from a risk management point of view, the likelihood at the moment is only moderate, but the potential impact is catastrophic."
Terry said while he was concerned about the ability of e-mail worms to impact on desktop PCs, the potential was also there to cause massive network congestion.
"Network traffic storms are possible -- where the switches just start sending trillions of message to each other and render the network unusable," he said.
The IT manager is no stranger to network downtime -- he has weathered significant problems with both spam and viruses.
"Viruses are a massive threat for us, as they are for everybody, and we have to be very strategic about how we deal with that threat," he said.
"We've seen with Code Red and Nimda and some of the worms that they have the capacity to take our networks down."
"There have been catastrophic outages -- one of them for three days," he said. "We're talking about thousands of PCs ... we've also had to take our mail servers down, for example."
But it hasn't all been bad news for DHHS. A recent whole-of-government effort in Tasmania to tackle spam has almost eliminated unsolicited bulk e-mail from DHHS's around 7,000 e-mail inboxes, according to Terry.
"Now we don't see too much spam at all because of that service," he said.
The IT manager also hasn't seen much in the way of spyware on his department's machines.
Ultimately the nature of his organisation's work appears to have made Terry proactive about the information security threats it is facing.
"There's several ways that I think malware could actually stop our business entirely, and as you would appreciate, with a health department we have hundreds of applications relying on the network to deliver direct patient care," he said.
"So this is very serious."