back to article Conficker seizes city's hospital network

Staff at hospitals across Sheffield are battling a major computer worm outbreak after managers turned off Windows security updates for all 8,000 PCs on the vital network, The Register has learned. It's been confirmed that more than 800 computers have been infected with self-replicating Conficker code. Insiders at Sheffield …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    IT Angle

    WSUS

    Hasn't anyone heard of Windows Server Update Services?

    Updates can be scheduled by group policies to avoid things like this.

  2. Anonymous Coward
    Anonymous Coward

    OR Documentation System is not life threatening.

    Just for the alarmists out there gravely concerned of the welfare of patients on the table, typically the systems written in Windows are surgical documentation systems, not monitoring, care disbursement systems.

    I worked on an IntraOp/PeriOp documentation system used in operating rooms in the U.S. It was written on Windows. It took about 9 man years to write the first two phases of the software. The software is used in OR's is to document what happens in the case (nurse inserts catheter size x at time y, patient says ouch). Hospitals always have the "failover" method of pen and paper documentation if the system ever fails for whatever reason. Though we do as much as possible to keep the system running when things happen, shit still does happen (like windows reboot).

    Basically you write systems in Windows, or you cut your customer base by 90%. It's generally the customers who drive the OS decision. I have problems with Windows for all the obvious reasons everyone else does, but until there is a major paradigm shift in the way the global IT purchasers think, we're stuck with it.

    The good news is that most of the backend stuff can be written OS neutral. Web services and Oracle databases can all be run on unix/linux platforms, but the customer still drives the decision. If the customer says they want to use Windows on their back end, we install it on Windows. Most of the customers want Windows.

    Until all the unix/linux advocates can justify the multi-million dollar conversion to linux/unix, instead of blathering, "you're a noob for using Windows because of bla bla bla," Windows is what's run. It's what we call entrenched.

  3. Mat

    Wel well well..

    The following comment seems to show what NHS managers *really* think of IT

    The trust argued that the consequences of its decision making had not cost public money, "just time and effort by the IT teams".

  4. Ken Hagan Gold badge
    Dead Vulture

    Boo hiss, El Reg

    "In internal emails seen by The Register, staff were warned not to make details of the outbreak public."

    I think that's a little unfair. If she really said...

    "Please note that this incident could over the next few days attract outside interest from the press... If you are at any time approached by anyone to give information relating to the current problem then please refer them to me in the first instance,"

    ...then "IT services manager Carol Hudson" is simply asking that the press have an informed point of contact rather than a load of headless chickens spreading FUD.

  5. Anonymous Coward
    Stop

    Rebooting automatically?

    @Anonymous John - Microsoft have thoughtfully provided a whole host of group policy settings to prevent a PC rebooting automatically. All the NHS IT staff had to do was configure one of those.

  6. UBfusion
    Thumb Down

    Please enforce moderation

    @ Mungo: You have crossed the line - I have been severely insulted by your attitude and language. Please retract.

    @TheRegister: Please consider moderating all comments that are expected to provoke OS wars.

  7. Anonymous Coward
    Anonymous Coward

    err.

    Another case of something happening, everyone blaming windows when basically it was ill configured, MS actually have the group policy stuff in place FOR businesses like this, as someone else said. MS is perfectly fine for software in places, as long as people arn't idiots and actually schedule the updates properly , or if they can;t schedule them due to being in a environment thats used a lot , set it to download but not install and install after surgery!!

  8. Ed Blackshaw Silver badge

    @Mungo

    I don't see anyone here particularly dissing MS - the general consensus would appear to be that the IT infrastructure in the hospitals is mismanaged and it is those who are responsible for administering the trust's computers and (more likely) those who are responsible for managing those (most likely overworked and underpaid) administrators who are at fault. For anyone who has had experience of badly-run NHS management (and plenty of it exists), this should come as no great surprise.

    So Mungo, put down the block caps and step away from that bridge you ridiculous little troll.

  9. RobT
    Flame

    IT Knowledge inverse-proportionality to IT management Level

    The NHS are not the only ones who have this kind of procedure forced upon them by superior "IT Management"

    We have had a forced hold on the installation of all updates of any type for the last 6 weeks due to peak trading in the retail sector. As such we are hoping that our AV is catching everything before it can cause problems.

    I personally feel sorry for the poor techs that will be getting ripped to shreds for "allowing" this situation to occur when the chances are that they suggested, as we did, that this was not a suitable resolution to the problem and out of hours installs and restarts are a more desirable position.

    With a good testing environment in place it should be possible to release the patches to unused test PCs, then a select UAT group, before a final all estate rollout.

    Poor NHS IT.

    Surely once again IT end up firefighting rather than being allowed to proactively stop outbreaks and issues!

  10. Tim Schomer
    Stop

    @ Anyone who can read TechNet articles can get WSUS running in an afternoon.

    "Anyone who can read TechNet articles can get WSUS running in an afternoon."

    Well, they might be able to if ...

    a) they had a machine to put it on (this was a 'lowest quote' system)

    b) the managers allowed them the afternoon to do it

    c) they didn't think they'd be sacked for doing something that wasn't approved by the IT Policy Direction Committee. (I was nearly had up on that one for changing the background colour on my PC)

    All in all, don't blame the Techs, sounds like they've got enough to deal with as it is.

  11. Sarah Bee (Written by Reg staff)

    Re: Please enforce moderation

    I considered it, UBfusion (if that *is* your real name). And then I moderated it accordingly. Which is why it's now available for your viewing pleasure, discussion and rebuttal.

    Also, I can't see where you yourself are directly addressed in Mungo's comment. If you can point out to me what exactly caused you such offence I'll be glad to take appropriate action.

  12. Tone

    No Management System?

    Who ever decided to deliver windows updates via the web should be sacked - it would seem a lot of people dont know how to manage or harden windows - including some of the comments above.

  13. Mungo

    @Duncan Hothersall

    I don't what the app was, I don't care what the app was, It doesnt matter what the app was.

    What matters is that if there was a Linux version of it that was capable of doing a better job than the one Windows one that was there, then they would be using the Linux one.

    Read AC - OR Documentation System is not life threatening. Until people like you get off your arse and FLOOD the market with Linux apps that the market wants then we will always be entrenched in a Windows environment and I will always be biting my lip listening to people like you whining like an eight year old girl. Grow up and get on with it or shut the fuck up.

  14. alan
    Coat

    @MUNGO

    twat.

    that is all.

    /me goes off to write 3 lines of linux....

  15. Anonymous Coward
    Anonymous Coward

    arrhar

    we had the virus at fujitsu recently, supporting government accounts, the brilliant advice from our internal support was "take the network cable out".

    Quietest couple of days at work ever :D

  16. Luther Blissett

    The meme of virality, and the virality of memes

    Conf*cker = con + f*cker. A good name for a successful virus. If reflexivity is a necessary condition of success (as in "reflective practice"), then to be resistent to infections the NHS must rebrand itself asap. That's not a job to be devolved to "experts", "elders" or "leaders" (interesting near-anagram there). But first we must decide if hospitals are places to recuperate to live or to go to die. Which means knowing what is life and what is death. (Which the NHS doesn't, because post-op care is far more lethal than surgery).

    So, Socratic question, what is the meaning of life?

    Is it, perhaps, a matter of aliens seeding the planet, as Dawkins probably <wink> believes? In which case there are only two possibilities. Either (1) the aliens will come back, because the human experiment "works", and is Good, so we are logically forced to believe in UFOs. Two extensions are available here - (a) the aliens come and take us away ("redemption"), so we have cargo cults, or (b) the aliens leave us here, with new "secret knowledge". (Which does the Co$cientology prefer?). Or (2) the aliens never come back, because the human experiment is a catastrophic failure, Bad or Evil, so that when the going gets tough, we stop thinking about the possibility of a world without war, poverty, misery, or usury - to make the best of our lot we walk on by, while those fortunately placed game the financial system in the psychotic attempt to become little gods via the belief that money = power = everything. (There are ways of creating gods such as they would like to be, but not in that way, as the Pharaoh tombs evidence - and besides, there are currently no job vacancies in that sphere).

    Or.... what is wrong with the logic (as opposed to the rhetoric) of that last paragraph?

  17. Anonymous Coward
    Alert

    sigh...

    Like most things in the NHS, it's 90% business and management consultatnts, comitties and HR policies and 10% people doing the work. Most of them outsourced to private companies who only want to increase their proifit.

    That's what's wrong with the NHS, everyone knows it but whenever they try to figure it out, they hire business and management consultants, set up comitties and write new HR policies. That's where the money goes and that's why it's in such a fucking state!

  18. Mungo

    @Duncan Hothersall - And another thing!

    Even if Windows never, ever exisited, are you that naive to think that it would be impossible for a 'mission critical' Linux or Solaris machine to be in that Theatre, connected to the Internet and remain unpatched. I think it would be just as likely.

    Grow up. You're a knob.

  19. Anonymous Coward
    Anonymous Coward

    Heh

    "You have crossed the line - I have been severely insulted by your attitude and language. Please retract."

    Heh. Working in the tech industry requires a much thicker skin than that. If you want practice, I can come up with better.

  20. g e

    Group policy blah

    Yeah you can set a policy but that doesn't change the fact that by default (??) Windows update will autonomously reboot your PC/Server if you're not paying attention/busy/called into a meeting/etc (and haven't configured it not to) is utterly shit.

  21. Apocalypse Later

    Malware costs

    'The trust argued that the consequences of its decision making had not cost public money, "just time and effort by the IT teams"

    But the moment they catch the culprits responsible, the position reverses. "This virus cost the NHS or other government department umpty million pounds in cleanup costs and specialist recovery services, and the people who wrote it (or hacker who penetrated, etc.) is therefore a major criminal equivalent to a mob godfather."

    That's how the poor goof who went looking for UFO data on US military computers is being made out to be a threat to world security. The US government does not bother to secure their computers, then panics when they are "penetrated" and runs up a big bill to check that no harm has actually been done. Then the cost of the panic is attributed to the goof who wandered in.

  22. Anonymous Coward
    Thumb Down

    @UBFusion

    Oh, brilliant, someone posts something that gets your blood moving and you call for moderation of comments on The Reg.

    PAH!

  23. Anonymous Coward
    Flame

    Free Gary

    "The trust argued that the consequences of its decision making had not cost public money, "just time and effort by the IT teams"."

    In that case Gary McKinnon is innocent as he has caused no expense to the US Government, only 'time and effort by IT teams'.

  24. Mungo
    Coat

    Apology

    I apologise to the group for any offence caused by my language but my attitude stands so go screw yourself. @UBFusion sorry if you do have a beard, wear a tank top or sandals and you 'love' penguins. I was exploiting a stereotype I didnt think existed.

    But there is a recurring theme here.

    Headline: Poor environmental/management conditions of IT Support causes (specifically) 'mission critical' Windows PC to fail.

    This causes outcry that why isnt OpenSource/Linux being used because it is a role that is too important for a windows PC to be relied upon and therefore missing point entirely and going on to make same mistakes again and again.

    I am not sticking up for MS or dissing Linux (I use and own a number of OS) but is it too much of a stretch of imaginations to realise that if Linux was the market leader then MS trolls would be creeping out of the woodwork to slate Linux.

    Popularity breeds contempt regardless of market leader. If posters think that Linux should be market leader then get off your arse and make it so but if you dont want to do that, at least look for the root cause of the issue which is usually OS independant. As in this case.

    In essence lets bury our MS/Linux differences and slag off managers which would be much more on-topic in this case.

    Just getting my coat in case we have a load of managers in!

  25. Anonymous Coward
    Alert

    Blame MS, *not* the hospital management

    It's microsoft's arrogant "we're going to reboot your computer even when you tell us not to" stance that is the cause of this problem.

    Rebooting without operator permission isn't a practical option on any PC, let alone one that might be responsible for somebody's life. And its made worse by MS continual nagging to reboot and the refusal to understand that "do not reboot without permission" ought to mean do not reboot without permission, not "reboot if I don't manage to hit the "NO" button every 23 seconds.

    Stop blaming the hospital management. It is Microsoft that needs to be taken out and shot.

  26. Duncan Hothersall
    Flame

    @ Mungo

    Oh dear, you haven't even got the beginning of a clue, have you.

    "if there was a Linux version of it that was capable of doing a better job than the one Windows one that was there, then they would be using the Linux one"

    No, they wouldn't. Choice of application, like choice of operating system, is rarely if ever decided by how good it is at its job. That is almost the whole reason people get irate with Windows being adopted in this sort of scenario, and it has completely passed you by.

    I can show you an operating system which outperforms Windows in just about any technical sphere you care to mention, and it won't give it an inch of market traction in the NHS or elsewhere, because performance, quality and fitness for purpose are simply not the criteria on which such decisions are made.

    That was the entire point of my first response to your silliness - name the app that was deemed so critical and I'm sure I could point to 5 alternatives that could be run without Windows; but they won't be because MS has a monopoly and is very accomplished at using it.

    Your gratuitous insults make your argument even less convincing, by the way. You silly little twat.

  27. UBfusion
    Dead Vulture

    @ Sarah Bee

    Yes, this is my real name (I am not an anonymous user offended by the OS war).

    I cannot really get used to the idea that Reg moderators tolerate a user that calls other posters "usless fuckers" without apparent reason.

    No, I deny being called a "fucker" by anybody. Is this the brand new strategy of ElReg in order to attract more users/comments? Do we want to become like Digg or 4chan? Can you show me past topics in the Register where this has happened? Please google for "fuckers site:theregister.co.uk" (I just did) and find me an instance where this behaviour has been accepted in the past.

    I wonder where you do place the red line - calling with that name a minister, or the Queen Herself would have made it too through the moderation?

  28. Sarah Bee (Written by Reg staff)

    Re: @ Sarah Bee

    Seriously?

    This is a, how you say, lively site, and I am a fickle moderator. I try to keep peace and civility and all up to a point, and then after that point I tend to let everyone fight it out amongst themselves. And then after another point, I join in.

    The Queen is not necessarily safe here.

  29. Anonymous Coward
    Joke

    @Sarah Bee

    Surely you mean that f*cker the Queen?

    (anon 'cos TPTB are well known for not having a sense of humour)

  30. Oliver Mayes

    Oh come on

    Please leave poor MS alone. Windows may not be perfect but there's a reason it's used by so many people. That reason may be a combination of user stupidity and questionable business practices but that's beside the point in this case.

    Windows update doesn't automatically reboot your PC when it needs to. Mine does nothing without asking permission first, both before downloading and before installing anything. It then asks me to confirm whether I want to reboot if necessary or postpone by X hours. This is a simple setting that anyone who can install windows can set.

    This is clearly the fault of whomever maintains the PCs, for not setting them up correctly before putting them into use. This is then compounded by ignorant management making a stupid decision.

    And before anyone starts, I'm not some windows zealot. I run Vista at home, Ubuntu at work and am currently listening to my iPod Touch so I'm about as unbiased as most people can get.

  31. Anonymous Coward
    Thumb Down

    What a surprise ...

    Having a girlfriend who's a doctor, and having worked on the biggie NHS IT project, this does not surprise me.

    The NHS as an entity doesn't exist - it's a few thousand fiefdoms run by empire building *crats (medical and otherwise) who have the power to pretty much decide their own suppliers for everything. Hence they have a few thousand smallish networks that are funded and managed / run as such.

    The National IT programme never included provision to push out a fully managed desktop / network solution .. welcome to the result.

  32. Joel Clark

    Bad IT Decisions

    I second all the comments pointing the blame at a committee decision to do something stupid. I wonder if there was a techie or two in there throwing the kind of temper tantrum they should have been throwing against a decision like that.

    @ UBfusion: You are indeed a useless fucker for not liking 4chan.

  33. Bisaerts Danny
    Black Helicopters

    Belgian hospital also affected ...

    Apparently a large Belgian hospital located in the town of Bonheiden is also affected by a major outbreak of the same worm.

    The worm has said to be slowing down operations but patient health should not be in any danger. The network is experiencing difficulties due to the nature of the worm attack which leads to denial of service and network flooding ...

    More on http://www.zdnet.be/news.cfm?id=97303&mxp=150 (in Dutch).

  34. Kevin Pike

    the problem

    'I can't believe no one here has said this yet but every single aspect of Windows Update that you can think of is configured using Group Policy and WSUS and is exactly what an organisation of this size should be using'

    the problem with this statment is that you assume the NHS is one It controlled enity. Its not.Even down to a building of say 100 people will have there own It staff and doing the own thing compared to say the building next door. That 90% of the problems with It in the NHS and 100% of the reason why its budget is so high.

  35. Mungo

    @Duncan Hothersall

    Duncan what the hell are you on about. Every procurement selection panel I have ever sat on has ALWAYS started with the application and how well it performs the job you want it to based on its selection criteria decided by the application stakeholders. Admittedly there may be a climb down from the primary candidate due to mitigating factors but seriously we work on the best candidate for the job and we do our damned best to ensure that it fits well with what we already have regardless of vendor or OS. This has not stopped us from selecting Open Source vendors when they are designated the best candidate by the stakeholders.

    So how does your outfit select software then? The one that 'sort of' does the job? Do you line up the best 5 candidates and choose number 6? Seriously, if your are not using a defined selection criteria for your stakeholders and sticking to it how are you selecting vendors? Please post here as I would love to know.

    The one thing that is always predictable in these panels is the utter lack of OpenSource presence compared to Windows offerings but we will always seek to consider them which means we keep an eye on Open Source 'also rans' because given time they will become better. Which if you have read previous posts we have decided to call this situation 'entrenchment' because there is not enough open source apps out there for stakeholders to select from. If there were more open source apps there would be more open source programmers. If there were much more of both then you would be in Microsoft's position. Hence the crux of my original post.

    You dont have to convince me of the abilities of Linux as I use it on a daily basis as well as Solaris & Windows and I also predate Windows so I can still remember companies might have 6 different operating systems in use from 6 different vendors and zero interoperability and have no wish to go back down that road.

    But like a good little geek I seek to make the best of what is available to me and as the majority of worlds computing power currently hosts Windows (through no fault of my own) you will do well to remember also that this is only the OS du jour. 35 years ago my skills were based in SCO System 5 and Xenix. Currently its in Windows & Linux. In 35 years time Windows may not even exist but that is up to you at the end of the day. Technically I am OS independant, you have to pick up what you are given and make the best of it

    I do feel sorry for you because it sounds like you are in a rut where you are and there is nothing more miserable than a geek in a rut. Get out and find a company that will listen to you because I am not. You will feel much happier.

    With regards to the rest of your post, aside from your outfits dodgy vendor appointment, the only other point I would like to correct is the bit about Microsofts monopoly. It doesnt have a monopoly. Currently it just has a lack of real competition in certain key sectors. That statement is neither pro MS or anti Linux. Just honest common sense.

    You're still a knob though.

  36. Mike Bell
    Paris Hilton

    Typical f*cking public-sector!

    "No individual was responsible for the move, the Trust added."

    "A lot of lessons have been learned."

    ... Until next time.

    Paris: because she has more of a clue than this lot.

  37. Anonymous Coward
    Thumb Down

    @AC - "Blame MS, *not* the hospital management"

    "It's microsoft's arrogant "we're going to reboot your computer even when you tell us not to" stance that is the cause of this problem."

    That's either a piss-poor troll or you are seriously out of your depth, sunshine.

  38. Mark Russell

    Who said anything about "safety critical"?

    Maybe we should get the surgeons in to give us IT advice, eh?

    Nice to see so many judgements being made in the absence of any knowledge of the situation. These computers are used to enter theatre data (operation, swabs & instruments used etc) and looking at blood results/XRays for inpatients between cases.

    The lack of them will certainly impair the smooth running of the theatre, but no-one has yet died because the computer in the corner of theatre was running windoze - last time I checked, humans could acquire virii from computers

  39. Duncan Hothersall

    @ Oliver Mayes

    Sounds like you have been fortunate enough never to have been bitten by that unpleasant "feature" of Windows Update that means running an update can sometimes magically change your settings back to the default "reboot whenever you want" ones. And you don't find out until that PC reboots itself at a most unfortunate moment.

    That said, if you have a large network with Group Policy and WSUS you can control this behaviour more, so it really shouldn't have happened in the hospital instance - but for home and small network users, setting your PC to ask before it does everything isn't actually the panacea you might think it is.

  40. Daniel

    Mungo

    What are you doing, that's so productive, while all these Linux types get your blood boiling?

    You seem to have enough hours in your day, to not only post here once, but to repeatedly come back - like a dog to his sick - to see what replies you've had. Truth is, your type always comes acorss like Travis Bickle ranting at himself in the mirror. If you'd only realise that that shadow you were pouring your bile at was actually your own reflection, you might lead a happier and more fulfilled life.

  41. Fragula The Furry
    Flame

    Unacceptable!

    It is "unacceptable" (if you will pardon the nuManagement speak) that a non-resilient system should be used in operating theatres. Whilst this might be good enough for bleating emails between managers, and the odd bit of ipod loading and "MSN"ing. It has no place in one of the most mission critical places on earth.

    Even if the surgeon was only using it to surf porn, the frustration and annoyance could distract him/her from their work.

    Sack the manager*s* responsible for this.

  42. Anonymous Coward
    Anonymous Coward

    Operating Theatre PC Usage

    Years of working in and managing operating theatres and I have yet to meet a PC application used in theatres that is critical for patient care. They are predominantly for scheduling and, yes, there are some who might deem that an interruption to the work routine and the possible need to log in again and possibly re-enter some data could "jeopardise" patient care but these are the usual shroud wavers you get throughout the NHS.

    Doesn't excuse the switching off of updates and then the failure to manually update the machines by some other manner though....

  43. Duncan Hothersall
    Heart

    UBfusion

    Is UBfusion your first name or your surname?

  44. Dave Gregory
    Thumb Up

    @Mark Russell

    Thank you. I'm glad I'm not the only one who's ever worked in theatre. The comments have been running a little shrill!

  45. The BigYin
    Black Helicopters

    @Sarah Bee

    Does the light moderation in this thread mean we can start discussing what Bubba should do to the IT managers?

  46. Anonymous Coward
    Stop

    Why would you have a PC in an operating theatre

    My poor aching head cannot deal with this one. Nasty bugs and flesh eating bacteria kill and have life altering effects for people every week after surgary Never mind a borked OS and daft IT policy. what about the keyboard and mouse used to update information after say abdominal surgary. How are "the dirty items of the office"cleaned?

  47. Duncan Hothersall
    Happy

    @ Mungo

    Do you work for Sheffield Teaching Hospitals Trust? If not (and I am pretty sure the answer is no) then whatever procurement procedures your company uses is neither here nor there.

    Let me come back to the deeply mistaken point you made: "if there was a Linux version of it that was capable of doing a better job than the one Windows one that was there, then they would be using the Linux one"

    This simply isn't true, and none of your bleating has made it any more true. STHT almost certainly has a policy which says that desktop PCs run Windows, full stop. Most places do, because they are scared of the support costs in having more than one platform. They will therefore only look for desktop applications in the Windows realm. The existence of a perfect, productivity-enhancing, life-enhancing application which does not run on the already chosen OS will be of no consequence.

    You were wrong, I'm afraid, and your self-important wittering does nothing to change this. The reasons for Linux's inability to even be considered in the desktop arena are structural, not qualitative, and Microsoft's monopoly is the key structural barrier.

  48. Sarah Bee (Written by Reg staff)

    Re: @Sarah Bee

    Why don't you try it and see?

    (No.)

  49. Phil the Geek

    Oooh, this is bad tempered, isn't it?

    UBfusion, that really isn't your given name is it? Though I did hear about one poor bastard whose parents named him Astroflash. And Mungo, I hope you are in theatre having your head removed from your own arse when when the theatre computer reboots itself.

    As for all the NHS bashing, last year my girlfriend had some life-threatening health issues and our experience with the NHS has been:

    * NHS medical personnel: excellent, absolutely outstanding

    * Facilities and equipment: far better than you would expect (esp if you believe Daily Mail)

    * Admin: Rubbish - utterly useless, incompetent, lazy and contemptible

    * Overall experience - better than private at Priory Hospital despite the atrocious admin

    PS I'm OS neutral, I dual boot XP and Ubuntu and both have their place and their limitations.

  50. Paul
    Joke

    "external anti-virus specialists"

    Ahh yes, they installed an old version of norton 03, when that didnt work they saw some convienient pop up offers for system mega virus cleaner pro 2009 and thought, why not?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021