02.10.10
Microsoft Software Attacks Yet Another Hospital
Summary: Leeds hospital is under attacks from Windows malware/botnets (a familiar story from many other UK hospitals)
A few days ago we showed that Microsoft was trying to make the healthcare system more dependent on Microsoft software [1, 2, 3]. Well, guess what?
Leeds hospital has come under attack by Conficker and/or Microsoft Windows zombies. This puts many lives at risk and probably causes increased casualties.
Servers on the network of NHS Leeds were struck down by the Conficker worm late last week.
This is not the first of its kind and the NHS has been suffering a lot from its dependency on Microsoft [1, 2, 3, 4, 5]. Related posts on Conficker/malware at hospitals include:
- Security Links: Another Hospital Falls Prey to Windows Spyware; Another Trojan and Botnet
- US Army Becomes Zombies Army; London Hospitals Still Ill (Windows Viruses)
- NHS Never Learns: Windows Viruses Leave British Patients to Die, Again
- How Many People Must Die Before Abandoning Windows?
- Utah Has Novell, SCO, and… Conficker in the Hospitals
- New Casualties of Microsoft Windows?
There is no simple solution within sight, but it’s obvious what the problem is. IDG writes about critical Windows flaws of which there were many this week:
Microsoft delivers huge Windows security update
The 26 flaws fixed today were off the record of 34 set in October 2009 when Microsoft last issued 13 security bulletins. However, if Microsoft had waited until today to deliver the rush Internet Explorer (IE) update it released late last month — the IE patches were original slated to appear as part of today’s collection — this month’s lot would have tied the vulnerability record.
Well, these patches were mentioned twice already [1, 2]. They show that Windows will never be secure. But it’s actually worse than that. Based on some new numbers from McAfee, Windows zombies continue to ruin E-mail with about 1 trillion (that’s 1 with 12 trailing zeros) spam messages per week. We’re all paying for this.
Spam volumes decreased by 24% in the fourth quarter of 2009 sequentially, with an average of approximately 135.5 billion spam messages per day, according to McAfee’s threat report for the fourth quarter of 2009.
What can Microsoft do about it? Surely it can only deliver the illusion of security that one gets from software that is shrewdly labeled by marketing people. Based on this new report:
Even users running up-to-date anti-virus software still get infected with malware, according to stats from an online malware scanning service.
Nearly a third (25,000 out of 78,800) of computers with up-to-date anti-virus software were discovered to be infected with malicious code when users scanned their PC using SurfRight’s HitmanPro 3 behavioural scan.
When will the time be right to impose bans? Life is at stake because hospitals are digitalised. █
your_friend said,
February 13, 2010 at 4:52 pm
There’s no need to beat around the bush about it, people are hurt and die when software at hospitals does not work. Healthcare is all about having the right information at the right time and proper equipment response is often critical. It is a crime that medical equipment makers and hospitals use Microsoft’s third rate software. They do it from ignorance, deception and coercion but the result is the same chaos that home users and other businesses see. Windows should only be used for toy systems and game playing. Even in those restricted roles, the systems should only be allowed onto networks with careful, competent supervision.
If hooking up to the internet requires a “driver’s license” Microsoft Windows is a recidivist drunk driving gangster that should be be in jail. They belonged under house arrests ten years ago as “i love you” and others brought the web to it’s knees. Attempts to take over hospitals today are like the drunk driving straight through the emergency room door. Just say no to Microsoft.
Roy Schestowitz Reply:
February 13th, 2010 at 6:37 pm
Some hospitals in France are moving to Free software. It’ll hopefully come to English-speaking hospitals too (some time in the next few years). It’s sorely needed. http://www.ncbi.nlm.nih.gov/pmc/articles/PMC1295082/