Misconfiguration facilitates worm outbreak in London NHS hospitals
According to an investigation, the November 2008 infection of the Windows worm Mytob in three London hospital computer systems has been attributed to a misconfiguration. The investigation reported that McAfee 8.5 anti-virus, a product also known as VirusScan Enterprise, was installed on the hospital computers and this is normally set to update daily, however approximately 4,700 systems were not properly configured. This allowed the three year old worm to enter the systems through a back door. The publicly available report to the London NHS Trust does not provide more specific details.
The three hospitals that were infected, St. Bartholomew's, the Royal London Hospital and The London Chest Hospital, were forced to temporarily divert emergency patents to other facilities, due to the computer infection, after declaring an "internal major incident." According to the investigation, the worm did not compromise patient data.
The report advises that Mytob was "introduced accidentally" to the hospital networks and recommends that in addition to other security measures, the hospitals should improve personnel training to help prevent further attacks.