Hospital Equipment Infected With Conficker
nandemoari writes "Recently, the Conficker/Downadup worm infected several hundred machines and critical medical equipment in an undisclosed number of US hospitals.
The attacks were not widespread; however, Marcus Sachs, director of the SANS Internet Storm Center, told CNET News that it raises the awareness of what we would do if there were millions of computers infected in hospitals or in critical infrastructure locations.
It's not clear how the devices (including heart monitors, MRI machines and PCs) got infected. Infected computers were running Windows NT and Windows 2000 in a local area network (LAN) that wasn't supposed to be Internet accessible, but the LAN was connected to one with direct Internet access.
A patch was released by Microsoft last October that fixes the problem, but the computers infected were reportedly too old to be patched."
I can totally understand why these systems were still running NT or 2000. If it ain't broke, don't fix it, right?
But if it ain't supported anymore, and it's completely closed-source, you literally CAN'T get fixes for vulnerabilities discovered later on. At least with an OSS product, you'd be able to hire a developer to fix the specific vulnerability on the existing system.
The question here is this: did the sub-human wankers who created this ever consider this possibility? Now that it's happened, do you think they give a shit? Is there a chance that someone is saying, "Gee, maybe this wasn't such a good idea..." right about now?
Shouldn't they be using OpenBSD, then?
Then the hospitals all complain because the in-house IT generally only understand MS, so they will have to pay for even the simplistic things.
I work for a medical software company and we had a program that ran on Linux only for a long time. We eventually ported it to Windows because the majority of the support calls required an on-site visit since no one in IT support was willing and/or able to touch a Linux box. Several times I went to sites and the only problem would be that the hard disk was full and they simply needed to delete some old/unneeded data.