Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Conficker worm hits hospital devices
mercurynews ^

Posted on 04/29/2009 8:03:10 PM PDT by Gomez

A computer worm that has alarmed security experts around the world has crawled into hundreds of medical devices at dozens of hospitals in the United States and other countries, according to technologists monitoring the threat.

The worm, known as "Conficker," has not harmed any patients, they say, but it poses a potential threat to hospital operations.

"A few weeks ago, we discovered medical devices, MRI machines, infected with Conficker," said Marcus Sachs, director of the Internet Storm Center, an early warning system for Internet threats that is operated by the SANS Institute.

(Excerpt) Read more at mercurynews.com ...


TOPICS: Computers/Internet; Health/Medicine
KEYWORDS: conficker; confickerworm; hospital; hospitals; medicaldevices

1 posted on 04/29/2009 8:03:11 PM PDT by Gomez
[ Post Reply | Private Reply | View Replies]

To: Gomez

So medical devices connected to the network run Windows, eh? Now what could possibly go wrong?

WHAT ARE THEY THINKING?


2 posted on 04/29/2009 8:14:32 PM PDT by FrogBurger (Always compare news articles from different sources. When they fully agree, you can be sure it's BS.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Gomez

National health care will be an absolute nightmare.


3 posted on 04/29/2009 8:14:42 PM PDT by JavaJumpy
[ Post Reply | Private Reply | To 1 | View Replies]

To: Gomez
We really need to have an international death penalty option created for people who create computer worms and viruses. Are we going to wait until a virus or worm is responsible for an unimaginable number of deaths?
4 posted on 04/29/2009 8:47:52 PM PDT by BBell
[ Post Reply | Private Reply | To 1 | View Replies]

To: FrogBurger

Many may not know that they’re making patient beds with IP addresses now, which are connected to the network, which could potentially be hacked. Not only are the beds connected, but the drip bag machines are also connected. Hmmmmmm.......sounds like someone could hack into the hospital, find a certain patient’s bed and drip bag, and cause all kinds of havoc.


5 posted on 04/29/2009 9:21:51 PM PDT by I_Publius
[ Post Reply | Private Reply | To 2 | View Replies]

To: FrogBurger

The Tech stations usually are, but the devices themselves mostly not. GE Centricity workstations tend to be Windows 2000 Pro. Fujitsu/Siemens also tend to use Windows for the Tech workstations. Everything else tends to be some Unix variant.


6 posted on 04/29/2009 10:37:26 PM PDT by neb52
[ Post Reply | Private Reply | To 2 | View Replies]

To: neb52

Win 2k Pro can be patched to cover this...why wasn’t it? I’m usng a 2k Pro box right now and it was patched 3 days after the patch was released. Hey, gotta let the other fools find out which ones are totally broken, right?


7 posted on 04/30/2009 4:41:35 AM PDT by Fire_on_High (One Big Ass Mistake America!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Fire_on_High

If it is GE, then GE support controls the Admin access, unless the PACs Admin was able to wrestler that away from them. So those Tech workstations don’t get updated. Plus they are not (typically) connected, nor should they, to the Internet. I really don’t know why or how they got the bot. Sounds like the Network Admining going on at these Hospitals and Radiology Centers is really incompetent. The Radiology network should be separate from the general network. Granted there could be lose of control at the Image Viewing workstations that the Radiology doctors view the X-Rays on. I mean, Heaven forbid you take a docs Internet access away.

But those workstations would be (hopefully) regularly updated and running anti-virus and other anti-spyware software.


8 posted on 04/30/2009 5:06:43 AM PDT by neb52
[ Post Reply | Private Reply | To 7 | View Replies]

To: neb52

The only equipment that would be on a network that had Internet access, would be doctor offices that have one or two pieces of equipment, thus not validating having separate networks or the back end server having access and thus creating outside access to the equipment. Also putting the devices on the network is only a recent thing to digitize the images for secured web viewing. If we are talking bigger operations like Radiology Centers than the MRI and other equipment Tech workstations would be communicating with the back end Imaging Server. That server would have access to the Internet as it is communicating with the web server so that the Imaging Viewing software can be viewed externally.

This is one of the problems with doing the now standard practice of getting a second outside Radiologist’s opinion, which means giving them access to the internal network (usually via VPN). That means workstations that are not under the control of the office’s IT people.

If that home workstation that the Radiologists is doing his/her readings from is not properly patched than the bot or virus could be transmitted via the VPN onto the back end servers, than spread further out in the internal network.


9 posted on 04/30/2009 5:19:58 AM PDT by neb52
[ Post Reply | Private Reply | To 8 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson