Chomp… chomp, chomp…. (Conficker worm)
The headline reads “Conficker worm bites University of Utah.”
Over 700 computers (running Windows, of course) at the University of Utah have been infected with the Conficker worm, including the computers at the university’s THREE hospitals.
The Conficker outbreak was detected on Thursday (the day that Conficker “awakened” in many places), and by Friday, it was obvious that the worm had attacked the hospitals, medical school, and nursing, pharmacy, and health colleges.
The university reports that patient records have not been accessed (Are they sure? Would they KNOW?). In order to isolate the virus, the univerity IT folks cut off Internet access, for up to six hours. (A few of my many blog entries on Conficker (Downadup; Kido) are here, here, and here.)
OK, I guess what I said recently about choice of operating system being an “intelligence test” was actually a bit UNDERSTATED. The University of Utah infection shows that the choice of operating system is, more accurately, a matter of life and death. When infrastructure that is essential to the well-being of patients is easily attacked, whose fault is it, really?
I believe that it is ultimately the responsibility (and fault) of the buyer and deployer of the software. If you deploy an OS, it is your responsibility to keep it safe. If you cannot keep an OS safe, it is your responsibility to either 1) step aside and let someone who CAN keep it safe have that responsibility, or 2) find an OS that you CAN keep safe. (Ah, there’s that “intelligence test” again.)
IMHO (in my humble opinion), after my years of work in high tech and security, option #2 is a lot smarter and a heckuva lot less work. Besides, a lot of my work convinces me that option #1 is not really an option at all! Option #1 is really an “arrogance test.” I know. I worked for a company with IT staff who thought that they could keep infection out by locking Windows down. (They were wrong.) What really happens is that, under optimal conditions, staff can DO less, both evil AND good. Under less than optimal conditions, infection can occur ANYWAY.
I know that changing operating systems costs a lot of money. Changing applications software costs a lot more. However, a few lawsuits by patients might make the change of OS really economical, in the long run. These are just my opinions, however. Your arrogance may dictate otherwise (YMMV, “Your Mileage May Vary”). Let’s just hope that you are not responsible for the lives of patients (or the defense of France).
-Bill at Cheshire Cat Photo™
You can view higher-resolution photos (*generally* 7-30 megabytes, compressed) at the Cheshire Cat Photo™ Pro Gallery on Shutterfly™, where you can also order prints and gifts decorated with the photos of your choice from the gallery. Apparel and other gifts decorated with some of our most popular photos can be ordered from the Cheshire Cat Photo™ Store on CafePress®. Both Shutterfly™ and CafePress® ship to most international locations worldwide! If you don’t see what you want or would like to receive an email when new photos are up on the site, send us an email at info@cheshirecatphoto.com.