back to article Docs ran a simulation of what would happen if really nasty malware hit a city's hospitals. RIP :(

Electronic medical equipment is supposed to help humans save lives, but their lamentable security could result in considerable death, we were warned over the weekend. Speaking at DerbyCon in Kentucky, USA, on Saturday, three medics with have a side interest in hacking gave an update on their work analyzing security flaws in …

  1. AMBxx Silver badge

    WannaCry and NHS

    Anyone know if there's been any reports on the number of deaths caused? I've seen plenty about not patching, but nothing about the actual impact.

    1. Anonymous Coward
      Terminator

      Re: WannaCry and NHS

      "Anyone know if there's been any reports on the number of deaths caused? I've seen plenty about not patching, but nothing about the actual impact.

      No, but if their are any it'll be blamed on 'computers' .. what ever you do .. don't mention the Operating system platform. It doesn't matter what OS, Mac OS X gets hacked too and Linux doesn't get hacked as much as Windows because nobody uses it.

      1. Sir Runcible Spoon

        Re: WannaCry and NHS

        " and Linux doesn't get hacked as much as Windows because nobody uses it."

        Except it forms the basis of the vast majority of the actual servers on the internet, including firewalls.

        1. Doctor Syntax Silver badge

          Re: WannaCry and NHS

          "Except it forms the basis of the vast majority of the actual servers on the internet"

          And all the Android devices. And all Chromebooks.. And what's the score for smart TVs these days?

          But still, nobody uses it.

          1. Anonymous Coward
            Joke

            Re: WannaCry and NHS

            and the all that IoT kit and they never get compromised.

      2. Doctor Syntax Silver badge

        Re: WannaCry and NHS

        "No, but if their are any it'll be blamed on 'computers'"

        If there are any such deaths they should to be reported to the coroner and an inquest would look into the matter rather more deeply than you seem to think.

        1. TRT Silver badge

          Re: WannaCry and NHS

          Believe me, if any deaths occurred directly as a result of WannaCry, it won't be just the IT guys that will have their feet in the fire. Clinicians must consider the possibility that devices, information, drugs, procedures etc will not be available and have alternative care plans in place. Certainly this is a wake up call to those who have become complacent about the previously good(ish) record of reliability in medical IT systems, but even so they will be acutely aware that it's just a tool, its not a replacement for good practice and patient care.

          1. HmmmYes

            Re: WannaCry and NHS

            No.

            Clinicians follow what thet are told to do - be it medical procedures, drugs to use, rehabilitation etc.

            You dont want practicing DRs to be trying to make up the science, procedures, or IT strategy as they go along.

            1. John Smith 19 Gold badge
              Unhappy

              "85 per cent of US hospitals don’t have any IT security staff,” he added."

              Which I think is actually a bit worse than the NHS.

              Which suggests the US Healthcare industry does not have better security.

              It's just been luckier, as this exercise shows.

              So far.

          2. doke

            Re: WannaCry and NHS

            "if any deaths occurred directly as a result of WannaCry"

            If WannaCry caused any deaths in NHS, then how many lives did Marcus Hutchins save?

    2. Anonymous Coward
      Anonymous Coward

      Re: WannaCry and NHS

      Have you heard anything about a major supplier to the NHS not having access control lists on devices as they said they had, then checked again and said YES WE TOTALLY HAVE.

      Then didn't.

      That's how Wannacry got into many trusts, nobody seems to want to take it up with that CRAP IT compan-A.

  2. Pascal Monett Silver badge

    The lessons will be costly in money and lives

    I can understand that medical equipment was not created with security in mind. Who in their right mind would want to hack a pacemaker ?

    The problem is that there are many people who are not in their right mind, for whatever reason. So now we're going to have to add security to our medical environment and we're going to have to do it right, because when you're having a heart attack the last thing you want is the doctor having mistyped his password wrong for the third time and locking his account.

    1. Dan 55 Silver badge

      Re: The lessons will be costly in money and lives

      The problem is that there are many people who are not in their right mind, for whatever reason.

      That'll be lack of mental healthcare.

      1. Charles 9 Silver badge

        Re: The lessons will be costly in money and lives

        Even withentail healthcare you're going to have sociopaths who can pass off as normal. Healthcare can't do much versus someone actively avoiding it.

      2. This post has been deleted by a moderator

    2. Korev Silver badge

      Re: The lessons will be costly in money and lives

      having a heart attack the last thing you want is the doctor having mistyped his password wrong for the third time and locking his account.

      This seems like a good scenario for RFID chips; my physiotherapists have them in their badges and just tap the badge near on a sensor near the computer, this gives them access to the appointments system. If they want to look at X-rays etc. then they need badge + password. You could see how the trauma staff could have the speedy access in area where every second counts and then in other areas need more security.

      1. toughluck

        Re: RFID

        Except you will run into problems regardless.

        The badge can be compromised.

        The badge might malfunction and fail when it's needed the most.

        Given how a brand new USB token sometimes registers and sometimes (like 95% of the time) doesn't, it's not a stretch of the imagination to think that it might not be viable where lives are at stake.

        Then there's the matter of the network being up to negotiate access to the device using the RFID chip, which essentially means that both the device and badge connect to a wireless network successfully and that the network is running and able to connect both devices to a server.

  3. Roland6 Silver badge

    Take results with a pinch of salt

    The group ran a simulation exercise with the authorities ... The three-day simulated cyber-disaster involved one hospital in the city being infected by destructive malware that crippled essential services, followed by other digital assaults on hospitals across the city on the second day, and then a physical attack similar to the 2013 Boston marathon bombing on day three.

    From the article, no systems were actually infected and the sequence of events was obviously chosen to create a worse case scenario. I see a security expert spreading FUD and trying to drum up custom.

    Not to say that hospitals and medical equipment don't need better security etc., only not sure what the real benefit of running the simulation - wonder what the lessons learnt are, that a hospital could be put immediately into practice.

    1. Richard Jones 1
      WTF?

      Re: Take results with a pinch of salt

      Do nothing 'cause it is hard, is not an option.

      I suggest that the first steps are that either (a) facility by facility review is needed to decide what needs to be internet or even intranet connected or (b) some overall relevant guide line is needed to define the achievable objective across a wider, e.g multi facility area, examples. insurance company/ health standards body, OEMs, etc or several working in concert. This process must be health system and political influence independent.

      By the way, 'nice to have connections' need not apply!

      Authorisation processes need some critical examination to find out whether it really does need years of expensive prevarication to secure life saving/threatening equipment.

      1. Charles 9 Silver badge

        Re: Take results with a pinch of salt

        And how do you deal with network bridges, accidental or not?

      2. Paul 195

        Re: Take results with a pinch of salt

        "In general, it takes about six years to get approval from American regulators on a new medical devices and that rises to 10 if the device has to be implanted into a human."

        There's a strong argument that such devices should always be airgapped - if you can't patch them in timely fashion, they will always be at risk.

    2. Doctor Syntax Silver badge

      Re: Take results with a pinch of salt

      "wonder what the lessons learnt are, that a hospital could be put immediately into practice."

      Why would the lessons learned have to be put into practice immediately? Some, maybe. But the fact that some or even all may take longer doesn't invalidate the exercise.

      Have you ever carried out a DR practice? If you have I'm pretty sure that at least the first time you would have learned a great deal about how to prepare for a real DR event. Given that you don't see the point of this exercise I'd guess you haven't.

      1. Charles 9 Silver badge

        Re: Take results with a pinch of salt

        Things have to be done RIGHT NOW because hospitals are vulnerable (to the point that people can DIE) RIGHT NOW. The whole medical system is being put on notice, and they need new options...QUICKLY.

        1. Doctor Syntax Silver badge

          Re: Take results with a pinch of salt

          "Things have to be done RIGHT NOW because hospitals are vulnerable"

          Let's look at that a little more carefully.

          What has to be done right now?

          I'd say the first thing that has to be done is to find out what has to be done (yes I did spend time living in Ireland ;).

          The medics have a term for this, it was used in the article: triage.

          Some things can be done quickly but everything can't be done at once because you always have a finite number of people to do it and things have to be done in order: if you think the network needs to be rearranged so as to isolate the more vulnerable equipment then that has to be planned, otherwise you may accidentally fail to do so by missing out on some bridge or you may separate a piece of equipment from other systems it needs to work with. Then you may need to buy more kit which has a lead time.

          You can start doing things right now (Starting telling TPTB you're going to need to budget time and money is one). You will actually be able to finish doing very little right now.

          Above all you need to avoid the politician's syllogism: something needs to be done, this is something therefore it must be done.

      2. Roland6 Silver badge

        Re: Take results with a pinch of salt

        Have you ever carried out a DR practice? If you have I'm pretty sure that at least the first time you would have learned a great deal about how to prepare for a real DR event.

        Precisely! You learn "how to prepare" and deal with a real DR event. However, looking at the thumbnail sequence of events in the simulation and the "destructive malware" (what were the parameters used to define destructive - the malware knows all the known and unknown exploits in all hospital systems?), I get the impression this simulation was more about sensationalism than real learning, particularly as no reference is made to any previous simulations, ie. this simulation was staged to make a point.

        Personally, I start from the basics and build up, this allows me to take an organisation step-by-step through the change process, with reduced risk of shocking the client into paralysis.

        1. Roland6 Silver badge

          Re: Take results with a pinch of salt

          wonder what the lessons learnt are, that a hospital could be put immediately into practice.

          By this I meant, okay we've done the simulation what do we do next, ie. what can I action/task people with - this is both things that can immediately change things on the shop floor and investigations etc. that will result in change.

          My reading of the article is the main finding seemed to be that the hospital effectively ceased to be a hospital on day 3. Which is the sort of finding I seem to remember some consultancies liking, as it provided the opportunity for a rather large, loosely scoped consulting assignment - just sign here...

  4. Peter Prof Fox

    It's not a slight risk times one

    Suppose for sake of argument that the probability of severe consequences is 1 in 100 and 'merely' disruptive 1 in 10. Now attack 100 hospitals. Oh my giddy aunt!

    We have to realise that this isn't the same as an isolated event such as say a fire or lunatic with a grudge and a few bullets or passwords, but a many thousands of targets campaign. It's the environment that's deadly not just a couple of bits of kit.

  5. Anonymous Coward
    Anonymous Coward

    All plausible

    however, although the devices themselves may not be able to be secured, it can be made harder by putting them on a private network, and using MAC authentication etc. This will reduce exposure to many network based threats. Every enterprise has a few devices (vendors like to call them appliances) like this.

    As for attacks being made locally - this can never really be mitigated technically - equipment has to be out all the time therefore staff eyes are the best defence here until new designs are approved. In my experience devices are more likely to be stolen than hacked anyway...

    1. Mark 85 Silver badge

      Re: All plausible

      I'm thinking along the same lines. Why does the equipment have to be on the main hospital network except (as the article points out) most hospitals don't have a security department in IT. If all the equipment were on a private, isolated network, it would make an attack damn difficult. I see no reason for most equipment to be public facing.

      Sure, they connectivity for the equipment and the computers for patient info. But reality.. none really need to be public internet facing. To move data from doctor's offices to patient files could be done from internet facing equipment via filtering computers (for lack of a better word) and securing the network interfaces... the switches themselves. Won't completely solve the problem but it would sure as hell remove the low hanging fruit that is there now.

  6. Bilious

    Entangled

    Some emergency services of hospitals need coordinated efforts at full capacity and full attention from a number of different sources now. If one computer-dependent service is crippled, that will easily influence negatively throughout the system. No med tech equipment needs to be affected: decreased availability of patient history or lab results is enough to cause delays and increase risks.

  7. Anonymous Coward
    Anonymous Coward

    Who in their right mind has internet/computer controlled and connected refrigerators? The rest makes sense but that's just a bit far fetched.

    1. Doctor Syntax Silver badge

      "The rest makes sense but that's just a bit far fetched."

      There was an internet connected dishwasher mentioned here a few months ago: https://www.theregister.co.uk/2017/03/26/miele_joins_internetofst_hall_of_shame/ That turned out to have been intended for use by medical services so it doesn't surprise me that they would have actually found internet connected fridges. This sort of exercise should lead to questioning the wisdom of such devices.

    2. Korev Silver badge

      Who in their right mind has internet/computer controlled and connected refrigerators?

      A lot of drugs, blood etc need to be kept cool, having monitoring of the conditions would be useful. for example, if a drug is kept at room temperature for too long then it could be chucked away, a fridge could notice some odd parameters and have an engineer look at it etc.

      The fridges etc. really should be on a separate network to the rest of the hospital though and definitely not on the Internet.

      1. Charles 9 Silver badge

        If it's on a separate netwoek, it can't communicate with other departments like the pharmacy/dispensary. Especially in a situation where seconds can count.

        1. Anonymous Coward
          Anonymous Coward

          Good points and yes monitoring is useful but the fridge power/temperature itself shouldn't be controlled by an app connected or not because you are adding weakness that just isn't needed. A thermostat does exactly what you need.

      2. Doctor Syntax Silver badge

        "having monitoring of the conditions would be useful"

        Every freezer I've had monitors itself. If the temperature rises above a limit it sounds an alarm. If a fridge or freezer isn't located where the alarm wouldn't be heard it's not beyond the wit of man to run a bit of twin core to sound the alarm somewhere where it would be. It doesn't need to be connected to the internet; that's just needless - and dangerous - shiny for the sake of shiny.

    3. TRT Silver badge

      Hmm... not really. I mean, we have a lot of incubators, fridges and freezers and -80°C freezers and liquid nitrogen tanks etc. Currently they are monitored by a third party add-on thermal scanning system that beams measurements by radio back to IP connected base stations (thick walls), that then relays the signals to a central C&C computer. But the same C&C system can accept suitably formatted input from a device with an integral self-monitoring system. We just haven't bought any because a plain old fridge is cheaper.

      And then there's the question of the fridge contents. We are currently implementing a sample labelling and storage system in order to track every single aliquot of DNA, tissue, plasmid, you name it, that goes into storage. We aim to be able to pin down the exact shelf, drawer and box location of every sample, primarily so that freezer doors need to be opened for a far shorter time leading to a reduction of energy use and defrosting requirement. It will also enable an exit policy so that ownership of samples will not "stutter" when someone leaves - it was discovered in a recent audit that around 40% of our storage capacity is taken up with ownerless legacy material. Now, each fridge, freezer and storage unit will have a barcode reader tacked to the outside for people to record what they put where and when. These records are tied into electronic lab books and electronic protocol lists.

      I wonder what would happen if we lost all those data in a cyber attack?

      1. Korev Silver badge
        Boffin

        Sounds like a pretty good system. Can you also track sample lineage eg DNA sample 1 and RNA sample 2 both come from tissue A?

        1. TRT Silver badge

          Yes. The principle is simply that the data are stored in a relational database, and you can do with it what you will. It was originally designed for chemists, so you can even put in floor plans and the system will alert you if you try to store too much of a particular class of material in the one space, or try to put two potentially hazardous reactants in the same area. On top of which it's web based and there's an emergency services access code so that responders can determine where stuff is in the building, what hazardous materials are there etc etc even from the back of a fire engine en route.

          1. Korev Silver badge

            Sounds good :)

            The emergency services system sounds good; I know of a laboratory which had a "slightly more exothermic than planned reaction" a few years ago and "understandably" the Fire Brigade wanted to know what radiochemicals were in the building. At this point the DBA was the most important person onsite (oddly enough the report was very quickly added to their system).

            1. Anonymous Coward
              Anonymous Coward

              Ha! A certain university that has had problems with its IT systems... ooh! coming up to the first anniversary of that, has recently built a hotel / student dorm next to a research building. Queue the first visit by the coal-face techs from the labs next door... "Err... you do realise that the wall you've just built your hotel across the side of is a sacrificial wall, designed to blow out if there's an explosion in the chemical store behind it?" "Err... no. Really? Well, I guess you'll have to find a new chemical store."

              Did they not give these people any blue prints?!

              1. Anonymous Coward
                Anonymous Coward

                I've never heard of the term "sacrificial wall", do they do the incantations when it's built?

    4. Anonymous Coward
      Anonymous Coward

      Who in their right mind has internet/computer controlled and connected refrigerators?

      They don't need to be, if the hospital power grid is computer controlled, then bye-bye fridge...

    5. ciderbuddy

      Should be called the 'Shit-Bit'

      It is crazy. I was buying a new vacuum cleaner last week, and there was one which had WiFi.

      Apparently there is also an app so you can monitor suction efficiency or something

      1. TRT Silver badge

        Re: I was buying a new vacuum cleaner last week

        If it was made by Microsoft, you can be certain it won't suck.

        1. Doctor Syntax Silver badge

          Re: I was buying a new vacuum cleaner last week

          If it was made by Microsoft, you can be certain it won't will suck.

          FTFY

  8. Charles 9 Silver badge

    Seems you can't win.

    If you don't do anything, hospitals get pwned, people die, and survivors sue.

    If you try to rush things, Murphy strikes, people die, and survivors sue.

    And we can't expect fallible, even diabolical humans to get it right the first time, either.

    1. toughluck

      Re: Seems you can't win.

      They don't need to get it right. They just need to be able to cause some havoc.

      Seems the NotPetya crims were unable to decrypt drive contents after victims paid up. Never mattered to them, they still got paid.

      Suppose they'd used a known vulnerability, but only managed to infect and severely disrupt (=shut down) one hospital in a hundred. That's still a terrifying prospect if they attacked a thousand of them. Worse still, the remaining 99 would still be infected to some extent, possibly disrupted, potentially having a lingering latent threat.

      The only real problem for criminals is developing a business model that would allow them to extract money from such an attack. If there's no benefit*, there's little likelihood that anyone is going to do it just to cause havoc.

      *) Allowing for a scenario of an attack gone out of control by an arsonist firefighter, some hacker with a grudge or somebody on a vendetta against the medical system, but I don't think these are likely, or we would have had them by now.

  9. Anonymous Coward
    Anonymous Coward

    Not just the UK, I was in a rather nasty vehicle accident just over a year back in a not so foriegn hospital, and I ended up in a burns unit in a isolated room with its own aircon etc for two months while bits grew new covering skin and I was attended to by aliens with just their eyes visible, and while I was in there, I saw a few things that made my hair curl a bit. First the machine that went ping that hooked onto me, was networked back to a central nurses station so if anyone popped off, they could rush in to their rescue which was awkward as I kept pulling the ping sensors off when asleep. This connected to a in room display with a rubber keyboard (so it could be disinfected daily) in the room itself also for staff to enter extra data taken or food/drugs administered during regular observations in room into some central database of stuff done to each person. I was given the printouts from my records on discharge, it was pretty impressive to read.

    I was quite surprised to see a nurse able to pop onto their facebook account using the obs entry computer one night, especially as the machine was unpatched XP, and the machine that went ping ran windows 98...

    Also I was permitted a tablet and a smartphone after I agreed to use brand new devices and that they could be passed through decontamination protocols. I was not allowed to use wifi under any circumstances as use of it would disrupt their local equipment signalling network but 4g was ok. I bluetooth shared my tablet to the phone after some rooting activity to get out and get some sanity saving connectivity. On one occasional I accidentally switched the wifi on for a few seconds, and it managed to find a open ap and sign onto it before I pulled it down as quick as I could.

    Towards the end of my stay I was able to get up out of bed and they brought in people to do various bits and bobs and maintenance to the system to make sure the room was ready for the next unlucky occupant, and one such repair involved someone reflashing the first alert button systems, which turned out to be a single board computer with a ethernet connection behind a lcd panel in the wall connected to the big red button. Chatting to the engineer like y'do, they had reflashed it externally to try and resolve the false alerts before deciding the issue was hardware in the room related, he showmed me how to make it cycle the lcd display to show ip info and version and stuff from button combo's on the panel itself, great, really interesting, no credentials required. And a very recognizable network topology too :-)

    Given the machine that went ping had outbound connectivity, I wouldnt mind betting that system had it too and not just to the mothership for reflash purposes. All gluing the infrastructure with that central database of very very personal information at its core...

    If your curious, I'm all growed back now, but I have some cool leg, torso and arm scars that I tell children at the swimming pool was from when I was attacked by a man eating great white shark as I poked its eyes out to escape :D

    At the end of the day, I was there to be helped, there's no way I would take my curiosity further or try to make any of the excellent staff's jobs harder, and indeed there's no way I'd risk the legal repercussions of taking any of my concerns further without a contract covering engagement to do so.

    I think that there's a real dearth of people with the security & testing mindset not being allowed into the operational areas because of a fear of what they might find in what is a already overstretched and underbudgeted area without the resources to address fixes, and that is leaving vectors open that could be shut for smaller expenses without making anyones job more difficult because with patients they already have enough grief to start with. And I have no idea how that network is seperated out, but if its arch'd the way it appeared to be from 3rd party observations, someone with security architectural experience needs involving too.

    So I read things like this from derby con and nod my head, life's rich tapestry has yielded a similar experience...

    Posting anon, but some people will know me from the above alone.

  10. ExampleOne

    "With elevators and HVAC systems out, and no refrigeration for medicines, patients had to be shuttled to other medical facilities and some were not making it there alive."

    Because we could never do elevators/HVAC/refridgeration without computers?

    Honestly, if an attacker can completely take out your elevators/fridges/HVAC, you have a LOT of other problems, and I would question if this "study" goes far enough. What if the attackers instead simply take out the electricity grid and the hospital back-up generators/power sources? The problem here isn't "poor IT security", it's a complete lack of ANY form of effective "business continuity plan" and disaster response planning.

    If a hospital can cope with a complete loss of all electricity, it can cope with anything the hackers can throw at it by simply switching everything off. If it can't? The rest is simply details.

    1. TRT Silver badge

      Hospitals cope with a complete loss of grid electricity by having a mahoosive diesel fed generator and a contract with a major fuel distributor such that they can get a great big tanker there to refill it every 6 hours, 24 hours a day, 7 days a week, 365 days a year.

      1. Anonymous Coward
        Anonymous Coward

        To quote the previous poster:

        What if the attackers instead simply take out the electricity grid and the hospital back-up generators/power sources?

        If the internal power management is computer controlled, then that would be relatively trivial, and it doesn't matter how mahoosive your generator is.

        1. TRT Silver badge

          It's not computer controlled. It uses solid state zero-switching regulators. And very big pieces of metal that move. But the point was that hospitals can't survive without electricity, so turning the power off doesn't help with a cyber attack. Well, hospitals as we understand them. Obviously a field hospital in the middle of an African plain where the closest thing they get to electricity is a battery powered fob watch, a pen light and a solar rechargeable sphygmomanometer is another thing. I reckon they could cope.

      2. ExampleOne

        "Hospitals cope with a complete loss of grid electricity by having a mahoosive diesel fed generator and a contract with a major fuel distributor such that they can get a great big tanker there to refill it every 6 hours, 24 hours a day, 7 days a week, 365 days a year"

        If we are going to play hypotheticals, how does the tanker get there? How much chaos can our attackers cause taking out the traffic control systems?

        Given the threat model in the original article included bomb attacks as part of the exercise, how much damage would a well placed van of fertiliser cause? What happens if an attacker takes out your generators or manages to set fire to your fuel reserve?

        In the face of wide-spread, deliberate, electronic attacks, there isn't any service in the western world that would cope. The brutal truth is "we ain't seen nuthin yet". A determined electronic attacker launching large scale coordinated attacks against multiple targets is probably going to make all these threat models look like children's exercises. The lucky truth is that the terrorists really aren't that good at this.

        Going back to my original point, why are the hospital fridges doing anything more than one-way unicasts of their data? Why are they controllable over the network? Logging what is in the fridges doesn't need to be connected to the fridge control systems.

        Similarly, why don't the elevators have a switch to shut off all their "remote control" functionality? I think every elevator system I have seen has had similar options using keys. Worst case you need someone in every elevator managing them using hand-held radios - expensive, but not an unbearable burden.

        HVAC: Again, why is it not possible to quickly disable the computerised management systems and manually dial in target settings?

        Failures like these are not "IT security failures", because really these shouldn't be IT systems. They are systemic failures, the blame for which lies with senior management trying to trim costs aggressively and equipment suppliers who are prepared to provide equipment that doesn't "fail safe" cheaper than equipment that does.

        1. Charles 9 Silver badge

          "Failures like these are not "IT security failures", because really these shouldn't be IT systems. They are systemic failures, the blame for which lies with senior management trying to trim costs aggressively and equipment suppliers who are prepared to provide equipment that doesn't "fail safe" cheaper than equipment that does."

          You can't fault the management, though. They have budgets to keep or they have to explain to financial boards, maybe even government officials with potentially serious consequences. Forget potential disasters when those officials CAN AND WILL confront you. IOW, the certain threat trumps the uncertain one.

          1. ExampleOne

            "You can't fault the management, though. They have budgets to keep or they have to explain to financial boards, maybe even government officials with potentially serious consequences. Forget potential disasters when those officials CAN AND WILL confront you. IOW, the certain threat trumps the uncertain one."

            If the fault for decisions doesn't lie with the people who made the decisions, who does it lie with? You claim that they decided to play roulette with the safety of the hospital and peoples lives to avoid dealing with budgetary problems now, and you suggest that this decision isn't their fault?

            In practice, here, I would say if the financial pressure leading to these decisions is coming from the financial boards or government officials, than you have identified the senior level of management responsible: Those boards or government officials. But someone, somewhere, is making a decision to sacrifice safety to meet financial targets, and I seriously doubt that decision is being made in the IT departments of hospitals.

            1. Charles 9 Silver badge

              "In practice, here, I would say if the financial pressure leading to these decisions is coming from the financial boards or government officials, than you have identified the senior level of management responsible: Those boards or government officials. But someone, somewhere, is making a decision to sacrifice safety to meet financial targets, and I seriously doubt that decision is being made in the IT departments of hospitals."

              Thing is, when the bad decision is coming from UP TOP (and when it comes to governments, a SOVEREIGN entity with no higher authority), what can you do? You're basically outranked. And given the scope of the problem, voting with your feet is simply a matter of leaping between sinking ships.

    2. Doctor Syntax Silver badge

      "Because we could never do elevators/HVAC/refridgeration without computers?"

      And nobody ever put the HVAC on the same network as the business and nobody ever let the maintenance company have access to the HVAC and nobody ever got pwned because of such a set-up. Of course not.

  11. HmmmYes

    Just dont use Windows.

    Use Linux, or FreeBSD. Strip down the image to the bare arse of what you need - no surplus crap floating in the install.

    Put all cleint applications in a web browser.

    Poof! 98% of problem go away, leaving you to spend time looking at the more serious hacking etc.

    1. Neil Alexander

      I really hope you're not a CSO.

  12. Gnosis_Carmot
    WTF?

    Not surprising given the user base at hospitals

    Overheard a call once where a doctor was calling wanting the mouse calibrated. To the mouse pad. So when the mouse was in the center of the pad the pointer was in the center of the monitor,

    1. TRT Silver badge

      Re: Not surprising given the user base at hospitals

      Meh. We had a Silicon Graphics with an optical mouse and a special mat with a graticule on it that did that. I'm still not sure how it knew it was in the centre of the pad.

      1. Charles 9 Silver badge

        Re: Not surprising given the user base at hospitals

        It may not have been a pad but a digitizer, which WOULD have a coordinate system. Your basic Wacom pen input pad does the same thing.

  13. Anonymous Coward
    Anonymous Coward

    simple hacking

    "All of these deaths, in the simulation, were caused by simple hacking"

    Something which apparently takes out things which aren't network connected such as refrigitation and HVAC(*) systems is far from 'simple hacking', as it would have had to take out the electrical and water supplies.

    (* Although generally digitally controlled, such systems are rarely ever network connected)

  14. John F***ing Stepp

    This is really a worse situation

    Than you could imagine.

    Before IoT hospital care and the machines involved needed a common language, so one was devised (by commitee*) that allowed each machine to talk to another. This language is coded to the point that it would take a person at least a week to be able to read off the codes as if it were plain text.

    At least one hospital (one that I know of) uses Perl script to do all of the tasks (nothing wrong with that, right?) because Perl is a get it done language.

    All or most of the equipment suppliers are hard codeing in the common language into the various machines, really, I think that the only reason this disaster waiting to happen has not happened is that most hackers would not deam it much of a challenge.

    * not naming common language, two letters and a number.

  15. Ken Mitchell

    Triage, Defined

    The article (or perhaps the doctors, it isn't entirely clear) is confused about the meaning of "triage". The original (Napoleonic War-era) definition divided combat casualties into three categories. The first group was expected to die, no matter what treatment was provided. The second group would probably survive, if treated immediately. The third, less severely injured, group would survive with minimal, perhaps "first aid"-level treatment.

    The first group would get palliative, comfort care to make their deaths as easy as possible. It is the SECOND group that got the doctors' attentions, because they were the ones who could PROBABLY be saved.

    1. Charles 9 Silver badge

      Re: Triage, Defined

      It's not that different today. Modern triage uses more than three categories these days (I suspect you were emphasizing the "tri" in triage), but the basic three you describe are still there: from the minor cases up through emergency cases (just with more levels in between), and they do keep a level for terminal cases. The most visible symbol of triage I can recall from memory is a tag that's attached to each triage patient. It has multiple tearaway tabs, and you're considered the bottom level still intact. It runs from yellow for the basic cases up through to red for emergencies. The last level is black for terminal.

  16. Anonymous Coward
    Anonymous Coward

    Watch the video, people

    Then babble your armchair expertise.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022