IT staff at three major London hospitals have spent a second day struggling to restore IT systems following a major computer virus outbreak. Computer systems at the St Bartholomew's (Barts) the Royal London Hospital in Whitechapel and the London Chest Hospital in Bethnal Green were taken down on Tuesday in response to an …
"using onecare?" ... By Anonymous Coward Posted Wednesday 19th November 2008 15:57 GMT
Ah, referee? Low Blow/Foul?
Imagine if it had got onto the patient records system. Worse if that system becomes part of the central ID system!
our condolences go out to all those affected, by the sheer incompetence of the NHS.
Most trusts seem to employ complete muppets. I can still remember having to watch a pair of network technicians re-build a switch configuration from the drawings they had on a whiteboard. All because they didn't know how to tftp the old config off before changing the firmware....
Hope the little shyts that wrote this virus find themselves on the hospital operating table while a surgical team tries to access their medical history for possible drug complications.
"well...let's just hope he's not allergic to penicillin..."
Better yet..."So this is the computer programmer? I thought he had tonsilitis...but it says here he's a gender change patient? Oh well...it's still a small surgery anyway [ha ha ha]..."
Of course if the NPfIT had been implemented as planned with the whole of UK patient records accessible at any Doctor's/Nurse's/Civil Servant's/Spook's workstation using shared passwords, then this couldn't have happened. It would have been so much more secure. Anyone who doubts that is worthy of a criminal investigation (of the doubter).
My experience of visiting numerous IT teams draws me to the conclusion that one of two scenarios applies:
- Loads of money combined with incompetence and poor management.
- An excessively small team of good staff, working all hours on a pittance with a shoe string budget.
The latter used to be common, but seems to be increasingly replaced by the former.
Flame bate, perhaps, but not without a grain of truth.
If they were running Linux, I bet it would be the first confirmed case of Linux catching Trojan in mass. I have feeling it wouldn't mater what OS they used, they woul find away to screw it up.
... why not get rid of it?
Seems that the whole place runs just fine without IT systems - according to them, anyway. If so, why not just ditch all that expensive kit and do without it?
So I wrote an article on this a couple days ago. Basically this is just proving my point. These guys are paid to maintain and protect the systems of the NHS but they didn't use due care or due diligence in their day to day operations???
This vulnerability was known about weeks ago. The fact that there was a proof of concept, on the out of ban patch release date should have given them a clue.
But no they collected their pay checks and put patient information at risk.... Now they come out and say "We (NHS) are 100% sure that not data was leaked".
So riddle me this?!?!? They can't patch systems but in one day they went on all the systems and checked if data leakage took place??? I THINK NOT!!! Sorry boys I have a hard time believing you scrubbed all systems for rootkits and malware and filtered all traffic to ensure data leakage did not occur. If you HAD been doing all that ,this would not have take place in the first place.
Actually all you had to do is push one patch!!! What is your excuse for not doing your job??
That is just poor.
Situation under control? My wife was called in from holiday to help the medical staff there. The Accident & Emergency Dept is effectively closed seeing walk-in patients only. Most of those are referred away. Ambulance patients are taken to other A&E hospitals.
The PC's on the site are old and poorly patched. The outsourced IT support is ineffective. I bet some genius bean counter has made some wonderful savings by cutting back on the IT Budget.
How effective are those "savings" now?
I think we all know government IT projects are synonymous with disaster but let's not be too rough on their IT staff, odds are they're over-stretched and over-managed.
I've worked for plenty of private companies whose ignorant over-management of IT has left yawning chasms in their security.
Every day my crappy PC grinds to a halt for at least half an hour whilst a meaningless audit is performed and then for another half hour whilst it's scanned using an out of date virus dictionary.
OS updates? Forget it, they have to be approved first.
It's easier to just to boot from a Linux USB stick...
I'll get my coat because I'm off to throw a brick through my local BNP members window. IN MY MIND.
yet another example of how windows is an insecure pile of shit that should be tossed out the (excuse the pun) 'window'. Had they been using linux/*NIX with a half decent admin this would never have happened.
Also yet another reason as to why we can't trust NuLab and government agencies to protect confidential data.
We get this shit just about every fucking day now and I think I can speak for most when I say that we're all sick to the teeth of it,
For fucks sake guys, pull your bloody fingers out and get a clue.
From someone on here actually in the know:
"The PC's on the site are old and poorly patched"
"The outsourced IT support"
There you go. Outsourced IT, almost certainly a private company, O "anything the government does is shit" kneejerkers take note. Couldn't give a shit. They'll have given admin rights to World + Dog so they know "it'll work" without putting any effort into making it work properly.
They'd add Guest to Domain Admins if it would save them having to think.
Patient records system << It did actually infect the systems containing this... no proof cause of typical goverment coverup. (Now imagine how that would effect the Labour party, if everyone knew that these systems did not have "real" rehearsed disaster recovery in place).
Reality << Attack was so bad that they were using pictures from their own mobile phones to operate life threatening cancer patients. Mytob is what they claimed, all i got to do is laugh cause thats only part of it.
Conclusion << Shutting down hospital and literally making them paralysed. Disaster recovery was even more of a disaster itself; basically did not work the way it was suppose to. Diverting all ambulances to other hospitals (this alone is disgraceful), next to no or very limited A&E service. The so-called IT staff, now has to go around every single computer and spend approx 2 hours cleaning up the viruses/worms/trojans etc
source: Me = NHS employee
evidence: none, you believe it or you don't