Monday, November 24, 2008
Computer systems at three major London hospitals are largely back online on Friday morning, three days after a major computer virus outbreak forced staff to disconnect the network.
IT systems at St Bartholomew's (Barts), the Royal London Hospital in Whitechapel and the London Chest Hospital in Bethnal Green were taken down on Tuesday following infection by the Mytob worm. The three hospitals make up the Barts and the London NHS Trust.
A spokesman for the Trust explained that email and internet access had been restored "across key areas", while the Trust continues to roll out its recovery plan, gradually restoring computer access to wards and departments. "Progress is being made and we expect systems to be fully restored in a matter of days," he said.
A serious computer virus infection at the Trust - later identified as caused by the Mytob worm - was first detected on Monday. IT support staff thought they had the malware under control but systems crashed when hospital staff logged onto systems on Tuesday, prompting managers to launch an established disaster recovery plan. External consultants have been drafted in to get systems restored.
Medical work at the three hospitals proceeded largely as normal throughout the incident. Theatres and outpatients were unaffected and the main areas of minor disruption came from a decision to temporarily divert ambulances on Tuesday morning. Lab testing and imaging was available throughout the incident, albeit with doctors obliged to use pen and paper backup systems. Administrative work was probably worst hit by the unavailability of computers.
The Trust continues to advise patients with concerns about their appointments to call on 0207 943 1335 or 0207 601 8701 (in case of dental appointments). Queries about booked transport are being fielded via the main hospital switchboard on 0207 377 7000.
The Mytob worm, traced as the root cause of the problem, contains backdoor functionality. However there's no evidence to suggest that systems hosting patient records were compromised or that the infection spread beyond the perimeters of the Trust. Managers of the Trust believe it was the victim of an inadvertent infection rather than a targeted attack.
The latest statement by the Trust on its progress in dealing with the problem, issued on Thursday afternoon, can be found here.
Previous incidents of malware disrupting the operation of hospitals are rare but not wholly unprecedented. Two years ago infection by a botnet agent disrupted the computers at a Seattle hospital, and later prompted a criminal prosecution, but that's one of the very few cases of its type on record before this week's clean-up operation in east London.
Verizon, one of the biggest telephone companies in the US, today apologised to the president-elect, Barack Obama, over a security breach involving his phone bill records.
Lowell McAdam, the president of Verizon, issued a statement saying: "This week we learned that a number of Verizon Wireless employees have, without authorisation, accessed and viewed President-elect Barack Obama's personal cell phone account."
All staff who accessed the account, whether authorised or not, have been put on immediate paid leave pending an inquiry.
Verizon and Obama's team said that the cell phone had not been active for months.
Obama's spokesman, Robert Gibbs, said Verizon had informed the Obama team that his phone records had been improperly accessed.
Gibbs said the records could have shown numbers and the frequency of calls but little else.
Verizon has yet to establish why some of their employees allegedly sought access.
McAdam said: "Employees with legitimate business needs for access will be returned to their positions, while employees who have accessed the account improperly and without legitimate business justification will face appropriate disciplinary action.
"We apologise to President-elect Obama and will work to keep the trust our customers place in us every day."
One government computer a week has been going missing on average in recent months, ministers have admitted.
Figures gained by the Conservatives showed 53 had disappeared in a year, along with 36 BlackBerries, 30 mobile phones and four memory sticks.
Tory frontbencher Grant Shapps said Whitehall security had to be reviewed.
The demand comes a year after Gordon Brown apologised for the loss of data discs containing the details of 25 million people.
Department by department
Mr Shapps, the shadow housing minister, wrote recently to ministers asking what equipment and data had been lost by their departments in the previous 12 months.
The Department of Health lost the most computers, with 14 disappearing.
A spokesman said all the incidents had been investigated and that all portable equipment was marked with an invisible dye to help deter or detect theft.
There had only been one incident involving the loss of personal data, when some junior doctors' details were made available by an outside contractor in breach of their guidelines, he added.
The Department for Children, Schools and Families lost the next highest number of computers - 13.
The Department for International Development, which lost nine, said all the data had been encrypted and was secure.
The Department for Transport lost five computers and the Department of Justice four.
Mr Shapps said the Ministry of Defence and the Home Office had not replied to his question.
He added: "They need to come clean and the departments that did show exceptional computer losses have to give more detail.
"We need an urgent review of the government's data policies, especially with large projects in the pipeline.
"It shows ministers are not capable of handling this sort of thing."
A year ago it was revealed that HM Revenue and Customs (HMRC) had lost two computer discs containing the entire child benefit records, including the personal details of 25 million people - covering 7.25 million families overall.
The discs contained the names, addresses, dates of birth and bank account details of people who received child benefit. They also included National Insurance numbers.
About 50 per cent of Pune’s wireless network (Wi-Fi) connections are not secure and can be hacked into any moment, said city police
commissioner Satyapal Singh on Thursday.
He appealed to the government and private firms to strictly follow the guidelines for securing Wi-Fi connections.
Singh told reporters that a sample survey conducted by the police has revealed that out of the total Wi-Fi connections in the city, 31% are partly secured while 19% fully secured.
He said the police, in collaboration with a private firm called ClubHack, conducted checks to find out measures taken for protecting wireless connections. The survey was conducted following several incidents of hacking of the Wi-Fi system for allegedly sending terror e-mails.
The police chief said the issue needs to be dealt on a priority basis because “the city was slowly turning out to be a base for cyber terrorism”.
He said, “The survey was conducted on November 10, primarily to take an overview of implementation of security measures for Wi-Fi connections. However, many loopholes were exposed.”
Singh said that with the increasing number of wireless connections, the city was facing the challenge of fool-proof Wi-Fi security. “Various steps have being taken by the police to make the city safe and secure. The recent survey is one of the such initiatives taken in,” he said.
The police chief said pamphlets on precautionary measures will be distributed among the Wi-Fi users soon. The police will also display similar information on its website,” he said.