NHS worm infection was 'entirely avoidable', says review
The infection of 4,700 PCs by a worm at three London hospitals in mid-November was "entirely avoidable," according to an independent security review.
The PCs at St. Bartholomew's, the Royal London Hospital and The London Chest Hospital were infected with Mytob, a mass-mailing worm also known as MyDoom. Emergency patients were temporarily diverted to other facilities, but officials said no personal data was lost.
After the infection, the hospitals commissioned a specialist IT consultancy to analyze the incident. Although the full report is not public due to security concerns, a summary of its findings has been released.
The review concluded there was a "substantive failure" in the medical group's information governance processes. Antivirus software on the PCs was updated on a daily basis prior to the attack, but the software was not configured correctly on some PCs.
"This left a 'back door' for the virus to infiltrate the network," the review said.
Mytob was "introduced accidentally" into the hospitals' networks and there was no "malicious intent," the review said.
The hospitals' PCs were running McAfee 8.5 antivirus software, a product also known as VirusScan Enterprise. Most antivirus products -- including that McAfee product -- can detect and remove Mytob, but the malware continues to circulate on the Internet despite its discovery in early 2005.
After the infection, the hospitals declared an "internal major incident" on Nov. 18 until Nov. 24. Most PCs were cleared of the infection and working again by early December.
The hospitals are now embarking on a program to shore up management systems and processes, the review said. The program calls for additional staff training and changes to command and control structures, among other measures, and should be complete by April.
Although patients were not severely affected, the review notes "this incident could have threatened the well-being of patients and morale of staff as well as the long-term reputation" of the hospitals.
U.K. hospitals are not the only organizations to be severely hit by common infections. In mid-January, the U.K. Ministry of Defence was hit with a rapidly-spreading virus that forced administrators to shut down systems across the organization, cutting off e-mail and Web access.
The Ministry said war-fighting systems were not affected. It did not release details of the specific type of malware, but said it did not appear to be intentionally targeting military systems.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by TwitterOn Twitter now
security
Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers
Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal
Tom Henderson
Top Ten General Operating Systems Rants
pasmith
PS3 motion controller delayed; goes up against Project Natal
sjvn
Neolithic Windows security hole alive and well in Windows 7
claird
Perl source code comparison makes for good reading
mikelgan
Cell phones don't create stress or interrupt much
Sandra Henry-Stocker
How to: The Unix Interview
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
- Ubuntu advances: Why Ubuntu server installations will surge in 2010
- Social media marketing: How to make friends with benefits
- More...
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
Interesting
Interesting post. AVG is good anti virus software. Thanks.FL Management Training | FL Leadership Training | FL Business Training