Virus Shuts Down Australian Ambulance Dispatch Service 222
angry tapir writes "Computers which co-ordinate ambulances in NSW, Australia, are back online in three of the state's regions after a major virus forced staff to shut them down for more than 24 hours. The virus crept into the Ambulance Service of NSW's dispatch system, prompting staff to co-ordinate paramedics by telephone and handwritten notes. The cause and source of the virus are not yet known."
Re:I know what caused it (Score:3, Interesting)
Most likely: Yes.
A friend of mine works non-emergency dispatch--not quite the same thing as an emergency service, of course--and I get the impression that their network admin has a mild case of brain damage. Apparently they're prohibited from using non-MSIE browsers. Period. End of story. If it's not MSIE, it doesn't belong on the machine. I don't know if their internal network or the sites (externally) they have to access require ActiveX, but in either case, having ActiveX and/or requiring MSIE only and putting in place policies that prohibit the use of more easily secured browsers* is just asking for trouble. I'd guess most Windows-based organizations, either by creed or contract, have similar policies.
* Yes, I realize that Firefox is susceptible to drive-by-installs with Flash or whatever. I also realize that MSIE can be locked down fairly tightly (exploits notwithstanding) but it often isn't. Here's the catch: Locking down IE requires 1) access to the configuration which may be disabled by the network admin and 2) the majority of Windows network admins probably have zero (0) clue how to lock down the browser. Furthermore, since only recently have organizations begun shifting away from MSIE6 (!), I don't think it's possible to claim that the majority of Windows networks for small companies are sufficiently locked down.
Re:I know what caused it (Score:4, Interesting)
It is certainly conceivable that somebody mounted a direct attack, the opportunity to cause some deaths with limited chance of repercussions is probably attractive to a few people; but the odds are much greater that some automated attack mechanism hit them without knowing anything more than that the OS and services running on those hosts were vulnerable...
Re:The cause and source of the virus are not yet k (Score:2, Interesting)
It's quite possible to set up an environment where Windows is safe for mission critical applications - but often users won't accept the limitations that have to be imposed. Things like no general web browsing at all (except to sites that host a business application), no removable media, no admin rights or ability to install software, email is filtered for viruses and limited to corporate emails and emails from business partners, no other email is delivered to agents.
I've worked in IT at a 100 seat call center with Windows machines, in 2 years, none of the agent computers have had virus problems (antivirus is installed, deep scans every week), but a handful of non-call center computers have had viral infections (because they don't have the same restrictions as the agent computers).
Re:I know what caused it (Score:5, Interesting)
Re:I know what caused it (Score:4, Interesting)
More importantly with Linux you can create far more secure appliances. Where unnecessary services are completely removed and only what is required to run the appliance based server and workstations is installed and available on the installation software.
The dispatch machines need only handle bookings, dispatch, arrival, return etc. (database) and then pass that data to accounting, nothing else. With Linux it is fairly easy for a skilled person to create a custom appliance distribution, all without infringing copyright.
That is the biggest problem with windows the impossibility of creating completely custom installs with everything you didn't need, not just maybe, most likely, disabled but actually completely absent, on the machine and on installation software, all because go to jail copyright infringement.
Re:I know what caused it (Score:2, Interesting)
On Monday February 14, @01:35AM. XPeter said:
> You fuckers need to stop with the horrible MS virus jokes, it's old and untrue.
> if Linux or OSX had 90% of the market, they'd be much worse off than Windows
XPeter
the idea that other operating systems are just as vulnerable as Windows, and would be as equally compromised if they were just "more popular" is incorrect. The problem comes down to an architectural design choice. Because Windows inherited its design from earlier versions of Windows, the ability for a subverted process to be used to gain an illegal privilege escalation is much easier on Windows than it is on many other operating systems, for example, Linux, UNIX, and BSD.
Here is an excellent article you can read about the differences :
http://linuxmafia.com/~rick/faq/index.php?page=virus [linuxmafia.com]
It was written by Rick Moen and does a good job of explaining all aspects of the issue, including what the status of "Linux virii** in the wild" are.
This article is fairly comprehensive and is pretty short considering how much ground gets covered. Unlike many Computer science texts, Its very readable and clear in straight forward English. Clear, concise and readable writing is just one of Rick's talents.
Rick has a collection of excellent articles on this and many other issues. Take a look and have yourself a good read.
**Note- Rick hates the word virii. Exactly why isn't quite clear. Part of the reason seems to be that although the word "virii" was clearly Latin and/or Greek inspired/influenced, it was never actually a Latin or a Greek word. And there seems to this notion floating around that unless a word was originally a word in Latin, that it can't become an English word. Thats completely untrue, of course. For example "google"*** was never a word in any language and is now a commonly used verb in English and other languages as well. Latin, being a dead language, cannot change, but English, can and does, and has new words added to it with great frequency. So I stick it in there once in a while just to gently needle him****. :-) [ My gosh, I hope he doesn't get infected with any virii, while I'm needling him. :-) ]
*** google, as a verb, nominated for word of the year in 2002, was also selected as the most useful verb of the year 2002. Sadly "google" wasn't added to large dictionaries (Oxford (OED), Merriam-Webster (MW) ) until 2006, years behind the actual date of usage adoption. Dictionaries are typically years or sometimes decades behind current usage. MW does note the first usage as a verb in 2001, five years before MW added it. Today linguists use Google's(TM) search engine, as well as others to determine when a word has come into usage.
**** All Linguistics texts, as well as many Linguistics books written about language formation and even those written specifically about English, agree that the only authoritative rule for whether something is a word or not, is usage. If multiple people use the same sound for the same meaning, then it is a word. Isn't that just bootyliscious?******
***** The motivation here is basic jealousy.... :-)
****** bootylicious: MW added in 2001/2, OED added in 2003
Boredom... (Score:3, Interesting)
Having worked for many health care facilities over the years, including those with EMT/Ambulance staff, I can tell you that ambulance drivers and dispatchers suffer from periods of insane boredom while waiting for the next call to come in. During this downtime, they monkey with the PCs, browse some of the most pointless/inappropriate websites, and try plugging anything with an ethernet jack in to your network. The latter includes personal laptops, wireless access points and satellite/cable boxes. Solutions to this include 802.1x/NAP and even just getting the crews a DSL/Cable internet connection for their personal use. Like many things in I.T. (and life in general), the more you restrict someone's access to something they want, the more they will work against your efforts to restrict them.
In this case, I'll put my money on an outside computer being plugged in to the network.
I've never had to deal with I.T. in a fire station, but I can guess it's every bit as bad, if not worse.
Re:Where does it say Windows? (Score:5, Interesting)
Almost every comment posted so far is bashing Microsoft or Windows for being an insecure OS but I can't find any mention of either in the article. It doesn't give any information about what kind of system the Ambulance Service was running.
It said, 'Virus'. That means Windows.
I hate to be the pee on your your empiricism, but the preponderance of evidence accumulated over the last 15 years leads to the conclusion that Windows is a necessary precondition for a virus to take down an entire system (as opposed to a single PC).
Secondly, if this had been a Mac or Linux virus, you can bet your bottom dollar the headline would say so. In 4 inch letters. And red type. With Drudge-style cherries spinning. And a klaxon.
Plus, the very next story would be about the spontaneous, simultaneous death by shock-and-horror of the entire editorial staff at the Register. And Wired. And boingboing.
And then Slashdot would slashdot itself. And dogs would play with cats...
... And everyone would finally get their pony.
Re:Windows did not stop Navy ships (Score:2, Interesting)
The operating system was not involved, it would have happened under unix too.
Not true. Under Unix, it would just have killed the one uncritical process that did the division by zero (the "bad data" was a zero value for a measurement that could/should physically not ever be zero), and would have left the processes controlling propulsion and all the rest alive.
Re:Boredom... (Score:2, Interesting)
This would be easily solved by having a separate and segregated network for them to use their personal devices on. Then the work systems could be locked down hard, and they'd be able to do whatever they wanted on the non-critical ones, with no chance of this happening.
It would just require management buy-in, since you'd need a little more capex outlay, as well as the correct procedures (the latter of which is probably going to be the most difficult bit to get).