Conficker infected critical hospital equipment: expert

subscribe

The Conficker worm infected several hundred machines and critical medical equipment in an undisclosed number of U.S. hospitals recently, a security expert said in a panel at the RSA security conference.

"It was not widespread, but it raises the awareness of what we would do if there were millions" of computers infected at hospitals or in critical infrastructure locations, Marcus Sachs told CNET News after the session. Sachs is the director of the SANS Internet Storm Center and a former White House cybersecurity official.

It is unclear how the devices, which control things like heart monitors and MRI machines, and the PCs got infected, he said. The computers are older machines running Windows NT and Windows 2000 in a local area network that was not supposed to have access to the Internet, however, the network was connected to one that has direct Internet access and so they were infected, he said.

Conficker spreads via networked computers as well as through removable storage devices and a hole in Windows that Microsoft patched in October, but these machines were too old to be patched, according to Sachs.

In the U.K., PCs at hospitals in Sheffield were found to be infected with Conficker in January, The Register reported.

The situation illustrates the dangers of connecting critical networks, like in hospitals and in SCADA (Supervisory Control and Data Acquisition) systems used by utilities and other critical infrastructure providers, with networks connected to the Internet, he said during the panel "Securing Critical Infrastructures: Infrastructure Exposed."

"We haven't found any nukes yet that are infected with Conficker or that are trying things like Twitter," he quipped. But "that is within the probable as we take shortcuts," he said.

"We're seeing a huge uptick in probing for SCADA systems," said Jerry Dixon, director of analysis and vice president of government relations at research firm Team Cymru. For years, the SCADA systems were separated from the public networks, but that's not the case anymore, he said.

Utilities move to remote access and other Internet-based technologies so workers can have access to the control systems when they are not at the plant and to cut costs, Sachs said. Workers have been known to access control systems using BlackBerrys for no reason other than that they can, he said.

Asked after the panel if cyberattacks had led to any utility outages, Michael Assante, chief security officer of the North American Electrical Reliability Corporation (NERC), said "none in North America."

"There is no evidence of computer compromise that led to a disruption of service," he said. "We're not immune to it; it's not hypothetical."

Government officials maintained that an electricity blackout in 2003 in the northeastern United States was not caused by the Blaster Internet worm that was circulating at the time as was suspected, but officials also were never able to reveal why it happened.

Related News

grid

Tornadoes and More: What Spring Can Bring to the Power Grid

WASHINGTON - The storm and tornado outbreak that recently barreled through the US Midwest, South and Mid-Atlantic was a devastating reminder of how much danger spring can deliver, despite it being the “milder” season compared to summer and winter.  

Danger season is approaching, and the country is starting to see the impacts. 

The event killed at least 32 people across seven states. The National Weather Service is still tallying up the number of confirmed tornadoes, which has already passed 100. Communities coping with tragedy are assessing the damage, which so far includes at least 72 destroyed homes in one Tennessee county…

READ MORE
heat-exacerbates-electricity-struggles

Heat Exacerbates Electricity Struggles for 13,000 Families in America

READ MORE

firefighter

California faces huge power cuts as wildfires rage

READ MORE

us grid and climate change

The biggest problem facing the U.S. electric grid isn't demand. It's climate change

READ MORE

doe logo

U.S. Announces $28 Million To Advance And Deploy Hydropower Technology

READ MORE