Waikato DHB Reports Failure of Its Antivirus
In its latest audit report, Waikato District Health Board said that a virus, which closed down its system entirely in December last year, entered the system as the so-called virus protection software failed to eliminate the threat.
According to Craig Climo, Chief Executive, flaws in DHB's machines facilitated the Conficker worm to disseminate, as per the statement published by radionz.co.nz on April 14, 2010.
Apart from this, negligence is setting passwords, along with weak implementation of security policy and extensive use of USB sticks were also considered as the reasons which resulted in shutting down of systems for around two days in a few parts of heath services provider. The attack affected around 3000 systems.
According to the DHB's report, Conficker penetrated the network of Waikato District Health Board in December 2009, most certainly trough a USB stick that was loaded onto a Wilson Parking workstation connected to DHB's network.
In the context of devastation caused by the Conficker worm, Alan Grainer, Chief Information Officer of Waikato, said that using USB sticks in Waikato DHB's network was still banned, as per the statement published by scoop.co.nz on April 14, 2010. The Officer added that DHB must assure that the provisions made to control USB-linked risks are completely worked up and are in place before reestablishing them.
It appears that the new report also points criticisms at the DHB board, Executive and Management, arguing that inadequate priority was assigned to the task required to offer a more secure and stable IT environment.
Also, as written by Alan Clifford, report's author who is also the Audit NZ's Director of Information Systems and Assurance, numerous external and internal reviews, and audits identified the areas with high risk that required action, as reported by computerworld.co.nz on April 14, 2010.
The Conficker worm has not just destroyed Waikato DHB but has also crippled the Greater Manchester Police computers in February this year. In February this year (2010), the Greater Manchester Police computers were crippled by Conficker, forcing police officers to depend on computers in other dominions to access criminal records. The West Middlesex NHS Primary Care Trust and Sheffield Hospital in the UK, and Canterbury DHB, Ministry of Health, and a major bank in New Zealand were also crippled by the worm.
» SPAMfighter News - 24-04-2010