Conficker Worm Hits Hospital Devices

by Elise Ackerman - April 29th, 2009 - Mercury News

A computer worm that has alarmed security experts around the world has crawled into hundreds of medical devices at dozens of hospitals in the United States and other countries, according to technologists monitoring the threat.

The worm, known as "Conficker," has not harmed any patients, they say, but it poses a potential threat to hospital operations.

"A few weeks ago, we discovered medical devices, MRI machines, infected with Conficker," said Marcus Sachs, director of the Internet Storm Center, an early warning system for Internet threats that is operated by the SANS Institute.

Around March 24, researchers monitoring the worm noticed that an imaging machine used to review high-resolution images was reaching out over the Internet to get instructions — presumably from the programmers who created Conficker.

The researchers dug deeper and discovered that more than 300 similar devices at hospitals around the world had been compromised. The manufacturer of the devices told them none of the machines were supposed to be connected to the Internet — and yet they were. And because the machines were running an unpatched version of Microsoft's operating system used in embedded devices they were vulnerable.

Normally, the solution would be simply to install a patch, which Microsoft released in October. But the device manufacturer said rules from the U.S. Food and Drug Administration required that a 90-day notice be given before the machines could be patched.

As a computer consultant this article caught my attention this morning, not just from a purely curiosity perspective. Just two days ago I worked on a computer from a local doctor's office and found it infected with the computer virus Conficker. Though it is fairly easy to stop the computer infection, it was much harder to rid the computer of the virus after the computer was infected and even harder and more time consuming to repair the damage the virus caused.

It appears that computers in medical facilities and doctor's offices are being targeted. Combine that with the utter stupidity of rules like the 90 day rule mentioned in the article above and you have to wonder what the consequences will be if the federal government gets more involved in health care. Bureaucrats rarely display what any outsider would see as intelligence and rules that obstruct the removal of a known virus are going to kill people in the future. We must stop the move to socialized medicine.