I have received some correspondence about a massive snow job at Waikato DHB. On Thursday NZPA reported that a major computer virus outbreak had essentially shutdown all of the DHB’s 3000 plus computers. On Friday it wasÂ reported that the DHB was now restarting all their PC’s after the incident, so far I haven’t heard how it all went.
My correspondent is a Senior IT person and is livid at what has gone on. The explanations given by spokes people at the DHB are laughable in the face of even basic knowledge of major IT systems. Anyway here is their take on issue, I couldn’t have written it better myself and I think a few judicious OIA requests may go in after the dust settles.
“Waikato District Health Board has been crippled by a computer worm which has seen every PC in the organisation shut down”
“Ms Gill said DHB technicians were working on a computer upgrade overnight when things started to go awry.”
“We brought in Microsoft and have been working with them through the night.”
Really! Bringing them in is of no real use for fixing this.Â Any vendor like Gen-i, Datacom or Axon could assist just as well and likely better given that there isn’t a huge MS presence on the ground and each of those have sizeable presences in the Tron.Â All Microsoft are involved for is as a PR stunt.Â Being able to hint at the ” Don’t worry we’ve called in the pro’s”, “its a microsoft security hole so we called them to sort it etc etc” type connotations.
All MS are going to do is sign them up to a long term and expensive support agreement as a pre-requisite to take part in this shambles.Â Some form of OIA to MOH should show up the various MS deals that were signed there during and after that shambles as they did the exact same thing.Â It’s not MS’s fault and they’ll accept no blame but they’ll put on a helpful display for it and make out like a bandit at the WHDB for a long time to come for this.
Conficka has been identified as the culprit.
Well yes and no.Â Â A stingray was the culprit but Steve Irwin giving it a hug was more the reason.
“It reconstitutes itself as fast as you can fix it. It’s particularly virulent,” Ms Gill said.
It’sÂ malicious SW, that’s what it does, that’s not new, that’s not unexpected. Â You don’t clean a virus and then not expect it to return.Â You have to patch the hole it came through then you clean it.Â And the second problem with all this is the
“small pamphlet explaining the problem had been printed off-site “and people are running around distributing them” at the hospitals, Ms Gill said.”
Fantastic result if you are unable to clean and connect a small set of PC’s and a printer to manage this task then the liklihood of things being operational by days end is lets just say optimistic….
“Ms Gill said the shutdown would probably result in an “even more robust password system” being introduced.”
Huh??Â Brain explosion here.Â Â If I try and think this through they’re suggesting thatÂ the virus itself is cracking their authentication so they should increase the complexity of the passwords to make that task more difficultÂ for the virus.Â Not,Â that perhaps they should ensure the equipment is patched to prevent the hole the virusÂ used to propagate in the first placeÂ or address the no brainer requirement thatÂ the Antivirus SW should be up to date so as to be able to clean the virus from any location it has spread to…..
“It has millions of computers now under it control in more than 200 countries, according to the New York Times”
I’m assuming the Herald etcÂ added this as that’s somewhat ridiculous.Â IÂ would not be surprised if myÂ porn surfing cousins PC became infected by conficker, I would however be concerned if my own home PC did andÂ I am in a state of bubbling rage that any large government organisation could be in the situation that the WDHB finds itself.