Conficker Infecting Hospital Equipment

Toggle sidebar Toggle sidebar
Status
Not open for further replies.
Why on earth is "critical medical equipment" running windows and not an embedded, secure operating system?
 
Infecting hospital equipment? Thats just wrong...

Why are these pieces of "Critical Equipment" hooked up to the internet in the first place or how on earth do they get infected?
 
Critical can mean a number of things, I work for IT for a company that does tech support for ...probably hundreds of hospitals and medical practices. That's why this caught my eye.

Anywho I'm not sure what the critical devices they're talking about are, but I know worst case scenario where I work, we'd have the stuff reimaged and ready to go in a matter of an hour or two, and barely anyone would notice.

Critical for us means radiology imaging (PACS) nurse station workstations... these although critical, would not cause anyone to die or anything serious like that.

Biomed equipment running embedded windows... perhaps... I don't know about that, not my department.
 
I totally agree with Anonymous1138. The same question applies to military installations - WHY?
I'd think that the relatively minor extra salary they might have to pay to have someone knowledgeable in 'nix (especially Linux) in-house would be easily offset by the money and time spent ferreting out viruses like this one, or having to wipe you PC with a "clean" install.
But then, the anti-virus program providers wouldn't be making a bundle, would they? Nor would the guys who sell you the latest OS every couple of years, nor the guys who sell you the newest PC (with the latest OS) every four years....
 
[citation][nom]Anonymous1138[/nom]Why on earth is "critical medical equipment" running windows and not an embedded, secure operating system?[/citation]
EXACTLY. These kind of systems need to be running Embedded Linux.
 
So here's an example. I work for a hospital and we have what are essentially medication vending machines in nursing units. These machines are running Windows. The machines themselves aren't on the Internet directly, however they can see the rest of the network, and much of it is on the Internet. I agree that this is bad and if it were up to me nothing important would run Windows. Unfortunately the IT departments often don't pick the products that are used within an organization. Why do developers keep picking Windows?
 
OK, I work front line support in a hospital, and belive me, the nurses, med techs, and doctors have enough problems using Windows, we don't need to confuse them further with Linux. As said, an infected machine can be neutralized and put back into production in less than 2 hours. No computer keeps people alive, thats what the staff is for. The PCs are only tools to simplify their job.
 
"embedded, secure operating system" -- What's that? Embedded Linux? Come on kids. Don't fool yourself. While more "secure" than Windows, Linux is definitely not "secure".
 
Propaganda, propaganda, and more brain washing! All those "news" are just happen to be released when new laws are crafted to give the government extended rights to spy on our networks and to control the Internet.
Any one who really works on front line knows that the weakest link is the human not the computers and OSes.
 
I call BS, why on earth would critical medical equipment be running Windows, and for what? Windows isn't exactly ideal for any type of mechanical automation, I've rarely seen it used for that. Ever seen a USB defibrilator?
 
[citation][nom]Anonymous1138[/nom]Why on earth is "critical medical equipment" running windows and not an embedded, secure operating system?[/citation]
For corporate profits and politics. Also, "developers" love dumbed down environments, they can produce more expensive crap, much more faster and efficiently, with just a few mouse button clicks.
Also, NSA (cornea & cochlea corp. = C3) and the likes wouldn't be too happy with some less known uncooperative OS.

@SAL-e Since when did C3 bother with legal roadblocks? That's just for idiot box junkies. Governments don't need "rights" to spy, they just do it, because "yes we can".
 
[citation][nom]NSARules[/nom]"embedded, secure operating system" -- What's that? Embedded Linux? Come on kids. Don't fool yourself. While more "secure" than Windows, Linux is definitely not "secure".[/citation]Depends on how it's configured. With SELinux and strong passwords it is pretty difficult to break without physical access to the machine. SELinux was developed by the NSA but I'm sure you already knew that.
 
[citation][nom]MrBradley[/nom]Infecting hospital equipment? Thats just wrong...Why are these pieces of "Critical Equipment" hooked up to the internet in the first place or how on earth do they get infected?[/citation]

I 100% Agree, wtf do they need them connected to the internet, to play quake live? Wtf?
 
Having a friend going to surgery this week for Cancer THIS IS FUCKING SCARY. They are using the new VanGoh machine. Its networked so people can operate remotly..........
 
[citation][nom]RiotSniperX[/nom]I 100% Agree, wtf do they need them connected to the internet, to play quake live? Wtf?[/citation]

Keep in mind that it doesn't have to be connected directly to the internet. Follow the line: Internet, hospital computer, hospital network, hospital equipment monitored by network & remote access equipment such as med-flight. NOTHING on the network is safe.
 
I call BS on this conflicker hype and that's all it is, i have my own computer store on average i clean 10 machines a day min, i have yet to see one copy of conflicker.

To catch conflicker you have to have the following conditions:

1) no updates done to windows the update to block conflicker is almost a year old.
2) Wide open network no firewalls how can a hospital have no firewalls that's hard to believe.
3) Internal infected machines, the hospital would have had to have been infected by already infected internal machines.

What was the hospital IT guy doing all machines would have not been updated for over a year that would leave huge security holes to allow hackers to view your medical records.

While it is possible for this to happen they would have to have very poor security protocols and a really bad IT staff.
 
security within computers is 100% impossible. An employee can always take your files (credit card numbers, SSN, address) and walk out of the buildilng with it. NOTHING can stop that
 
Status
Not open for further replies.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom