[Dshield] got one

Chris Wright dshield at yaps4u.net
Tue Feb 14 13:03:54 GMT 2006


Actually, you are not wrong there...

The NHS in the UK has recently been installing site-wide network access on
most wards and offices to allow staff to access patient records/patient
care charts etc. etc. (well, they've been trying to implement the scheme for
ages and it is way way over budget).

Nearly every machine has internet access and get this, on the ward where my
wife worked, every single machine was infected with countless bots, trojans
and viruses.
And it was not an isolated incident.

I wrote several times to the IT Admin at the hospital concerned and he
stated that it was impossible.  He backed down when I showed him the
machines I was referring to after he arranged to meet me for lunch one day
(amazing what the threat of going to the local press did).
They were installed by a 3rd party contractor who obviously bid the lowest
price and installed no HW/SW protection whatsoever.  

Most of the staff would not use the computers because they were slow,
(because of the amount of junk that was running on them).  

She left a few months back and I never did get to find out how, or if,
they solved it.
I for one would not trust having my personal information on an NHS based IT
system in any hospital.
Especially with the idea of the network to allow any NHS location to
access data anywhere in the NHS system.

It was downright outrageous.  And when I say the lowest bidder won, I doubt
it when you see how much money was being spent to roll out the new network.
(I can't remember offhand the name of the system, but it was being pushed by
Tony Blair as one of the success stories of the NHS modernisation).

Every GP (Family Doctor) also had terminals in their practices that had
access to the NHS system and no doubt these were as insecure as the ones in
the hospital.  They simply connected via ADSL or Cable access to the same
network.

I don't imagine it to be the case in every hospital, since that would be
just downright unbelievable, but the North Hants Hospital in Basingstoke was
amazingly lax when it came to network security.

Regards

Chris



> -----Original Message-----
> From: list-bounces at lists.dshield.org 
> [mailto:list-bounces at lists.dshield.org] On Behalf Of 
> Stasiniewicz, Adam
> Sent: 14 February 2006 03:58
> To: General DShield Discussion List
> Subject: Re: [Dshield] got one
> 
> Hmm, here is a thought.  How about we take a step back and 
> look at the IT security that was in place for a hospital?  I 
> might understand if the hospital was specifically targeted by 
> the hacker, but a random net worm making its way into the 
> computers of an ICU?  All the hospitals I know only offer 
> limited internet in the administrative/doctor offices and 
> completely remove access on the floors (for this exact 
> reason).  I think the real question here is how could this 
> have happened in the first place?
> 
> Regards,
> Adam Stasiniewicz
> Computer and Communication Services Department Milwaukee 
> School of Engineering
> MSCE: Messaging & Security 2003 
> 
> > -----Original Message-----
> > From: list-bounces at lists.dshield.org
> > [mailto:list-bounces at lists.dshield.org] On Behalf Of Mike Trahar
> > Sent: Monday, February 13, 2006 3:06 PM
> > To: list at lists.dshield.org
> > Subject: [Dshield] got one
> > 
> > has anyone seen this?
> > 
> > http://www.computerworld.com/securitytopics/security/story/0,10801,108643,00.html?source=NLT_PM&nid=108643
> > 
> > I hope they hang them.
> > 
> > Mike
> > _________________________________________
> > Learn about Intrusion Detection in Depth from the comfort of your own
> > couch:
> > https://www.sans.org/athome/details.php?id=1341&d=1
> > 
> > _______________________________________________
> > send all posts to list at lists.dshield.org To change your subscription
> > options (or unsubscribe), see:
> > http://www.dshield.org/mailman/listinfo/list