Waikato DHB Conficker Outbreak

Forums › IT Pro and developers › Waikato DHB Conficker Outbreak

1 | 2

exportgoldman

1202 posts

Uber Geek

Trusted

#284365 21-Dec-2009 13:20

richms: I lot of custom software is plainly retarded. I know of a place that was still using an unpactched really old IE because they needed the username:password@site logins to work for some braindead half-assed client that used that to authenticate to an external server, and that was only last year that they were still using it.

Alarmingly high number of IE6 clients from corporate IPs hit a friends website too.

People forget that patching DOESN'T mean installing new versions of software, you can roll out IE7 or IE8 but also keep IE6 deployed and roll out the security patches for that client. There is no requirement to upgrade versions, Microsoft are very good with their product support lifecycle.

http://support.microsoft.com/default.aspx/gp/lifeselect

If they are running IE6 on Windows XP Professional they can continue with this version and get security patches until 08/04/2014.

Tyler - Parnell Geek - iPhone 3G - Lenovo X301 - Kaseya - Great Western Steak House, these are some of my favourite things.

browned

636 posts

Ultimate Geek

#284379 21-Dec-2009 14:27

I am sorry but having worked in a few R&D and pharma labs in my time any life critical system should be running completely seperate from any network and if it is on a network all external access routes (internet, usb, floppy, cd/dvd roms etc) should be disabled and forced off by policy.

There should be no need to patch a life critical system.

So the situation still stands, they should have been forcing critical patches minimum. Also, like any traditional lab, lab systems are run seperately from desktop systems. If lan systems must be put onto the general network they need to comply with the desktop patching rules.

Home Server: AMD Threadripper 1950X, 64GB, 56TB HDD, Define R6 Case, 10GbE, ESXi 6.7, UNRAID, NextPVR, Emby Server, Plex Server.
Lounge Media Center: NVIDIA Shield TV 16GB: Kodi18 with Titan MOD, Emby.
Kids Media Center: NVIDIA Shield TV 16GB: Kodi18 with Titan MOD, Emby.
Main PC: Ryzen 7 2700, 16GB RAM, RX 570, 2 x 24"

Simonm

181 posts

Master Geek

#284397 21-Dec-2009 16:20

exportgoldman: Oh, and for all life critical tasks, there should be paper based backup systems. Fire and Police have them, ambo's and hospitals should as well. The police and Fire had to resort to them 6 months ago when comms went down.

Gets a little hard when things like digital Xrays/scans are becoming more prevalent.

There is unfortunatly still a hell of alot of conficker around :(

http://www.shadowserver.org/wiki/uploads/Stats/conficker-population-180day.png

exportgoldman

1202 posts

Uber Geek

Trusted

#284435 21-Dec-2009 19:09

Simonm:
exportgoldman: Oh, and for all life critical tasks, there should be paper based backup systems. Fire and Police have them, ambo's and hospitals should as well. The police and Fire had to resort to them 6 months ago when comms went down.

Gets a little hard when things like digital Xrays/scans are becoming more prevalent.

There is unfortunatly still a hell of alot of conficker around :(

http://www.shadowserver.org/wiki/uploads/Stats/conficker-population-180day.png

If a task is life critical then have backups, be it a second PC unplugged next to the machine the operator can plug in (with no network card in it) to the machine to do xrays in a offline mode with a CD Burner. Other hospitals around the world cope it just requires planning.

And just because there is a lot of a 18 month old virus around isn't any excuse for not patching. In fact if you are moving to a MORE digital environment it's even more important to patch.

PATCH PATCH PATCH.

Tyler - Parnell Geek - iPhone 3G - Lenovo X301 - Kaseya - Great Western Steak House, these are some of my favourite things.

Batman

Mad Scientist
29771 posts

Uber Geek

Trusted

Lifetime subscriber

#285021 24-Dec-2009 17:03

you guys have been quoted on the press!
http://www.stuff.co.nz/waikato-times/news/3192755/Waikato-DHB-to-close-virus-gaps

insane

3242 posts

Uber Geek

ID Verified

Trusted

#285195 26-Dec-2009 00:14

I think this just goes to show that healthcare in NZ does not get enough funding. I guess if they had managed to get the approval to employ that security admin sooner then they may have avoided this attack.

I know a company that was ravaged for over a week by this virus only a few months ago as it kept jumping from infected systems back to systems which had already been cleaned and so on until all 20 odd machines were taken out and cleaned together before going back in with new patches and Anti-virus software.

I'm sure everyone here who's pointed fingers at the DHB's inept admins have made equally large mistakes during their careers, some probably worse than just negligence.

Ragnor

8223 posts

Uber Geek

Trusted

#285277 26-Dec-2009 17:07

Accidental/human errors are part of life for sure.. but I don't know if you can class having a policy of don't install any updates or patches as an accident!