Recently, the Conficker/Downadup worm infected several hundred machines and critical medical equipment in an undisclosed number of US hospitals. The attacks were not widespread; however, Marcus Sachs, director of the SANS Internet Storm Center, told CNET News that it raises the awareness of what we would do if there were millions of computers infected in hospitals or in critical infrastructure locations. It's not clear how the devices (including heart monitors, MRI machines and PCs) got infected. Infected computers were running Windows NT and Windows 2000 in a local area network (LAN) that wasn't supposed to be Internet accessible, but the LAN was connected to one with direct Internet access. A patch was released by Microsoft last October by November that fixes the problem, but the computers infected were reportedly too old to be patched.But don't worry. I'm sure none of the Electric Power Grid is connected to the Internet. Oh, wait.
Maybe this is it. I'm fixin' to hang up my Internet Security gig and get a law degree. I smell Class Action suit, just about everywhere. Imagine the questions that a Hospital Director wouldn't want to (or be able to) answer in front of a jury.
Like who thought it was a good idea to put an MRI machine online?
MRIs, or CT scans, are used in a number of diagnostic planning situations. The normal method to transfer those files is by a protocol called DICOM. It uses naming, IP address, and an assigned port between the listening application and the sender. Very common, it is an accepted method for image transfer and verification.
ReplyDelete