Conficker Pierces into Critical Hospital and Utilities Equipments

While speaking at the RSA Security Conference being conducted in San Francisco, US, on April 23, 2009, Marcus Sachs, Director of SANS Internet Storm Center, stated that Conficker worm has recently infected hundreds of important medical devices and other machines in an unrevealed number of hospitals in the US, as reported by ZDNet.com on April 24, 2009.

According to security experts, it is still difficult to locate the way these machines suffered the infection. Some machines were on Internet, standalone networks; however, they were likely to consist of older computers running on Windows 2000 and Windows NT in a LAN and were not thought of having any Internet access. Though, the network was linked to one that was directly accessing Internet and so the infection got passed onto other machines.

All this was solely due to the method of propagation of worm. Conficker worm propagates through machines connected in a network. It also spreads via removable storage devices such as USB sticks, as discovered by the security researchers in the previous months.

While the infection suffered by the computer networks of the hospitals is still not completely investigated, there is a big havoc in the systems of Supervisory Control and Data Acquisition (SCADA). Systems at SCADA have been infected by virus, especially Conficker.

Sachs said that this mishap highlights the risks involved in connecting Internet accessing networks to sensitive networks, such as in hospitals and SCADA that are used by critical infrastructure providers and utilities.

However there problems emerged due to the infection of computer networks at utilities, no reports have so far been received about any service or supply being affected by the incident. The problem appears to be limited, but Sachs warned that the incident urges to increase the awareness of potential infections of the machines at hospitals and other places that involve critical infrastructure such as power grids (utilities).

In January 2009, systems installed at the hospitals in Sheffield, UK, were discovered infested by Conficker.

Since Conficker worm made its entry into the cyber world, way back in October 2008, it has given rise to numerous problems. Even the networks in colleges and schools have not been spared by this worm. Moreover, it has been undergoing constant mutations. Security experts believe that the next big outbreak of this worm is expected on May 5, 2009.

Related article: Conviction of First Felony Spam in Virginia Upheld

» SPAMfighter News - 5/1/2009