|Home » Security
Sheffield: Full Monty Returns
Do not repeat do not take your hat off in Sheffield.
You've already been sedated. It's in your drip. Now they're rolling you into the operating theatre. Once inside they'll put you completely under the ether. You're queasy as you've had no breakfast. Your mind swirls. You look to one side, the other, into other rooms along the corridor, to see other patients and staff bustling about.
And it all seems so tidy, so professional, so safe.
As you enter the theatre your eye's caught by a personal computer monitor along the one wall. You recognise a Microsoft Windows desktop and your bones begin to freeze.
But surely they wouldn't be using Microsoft Windows in the operating theatre? Of course not!
But it doesn't hurt to ask, does it? You tug at the scrubs of the nurse helping wheel you in. She looks reliable and knowledgeable!
That computer over there...
That's not used in this operating theatre is it?
Yes I believe it is - why?
Your heart sinks. You'd like to jump down off the gurney and run straight out of the building. But you're weak. They already have you halfway under.
Terror strikes your heart.
Welcome to Sheffield.
Happy Holidays! Sort Of!
This past holiday season the Microsoft Windows PCs used in the operating theatre of the Sheffield City Hospital suddenly started to reboot mid-surgery as part of yet another futile Microsoft security update. Staff had no choice at the time - they turned the 'feature' off.
What happens at that point is something else again: IT services manager Carol Hudson decides all computers in the Sheffield City Hospital network should disable Microsoft security updates.
And that's when Conficker crept in.
Conficker is yet another in an endless line of nasty buggers attacking Microsoft Windows. Current estimates are 30% of all Windows computers on the planet are vulnerable to this bastard. And that includes the Kool-Aid™ drinkers running that less than fabulous Windows Se7en beta.
Conficker has other names as the Microsoft Windows security cottage industry Landed Gentry love to make up cute names for these insidious creatures. The other names include Con-fucker, Pudanwod, Downadup, Takeadump, and Rekcifnoc.W32.
Conficker was detected in the Sheffield City Hospital network on 29 December 2008. Informatics director David Whitham claims no one can figure out how the thing got in.
'We do not know how the virus entered the network but at around the same time as the virus became evident the automatic update process had been temporarily disabled following problems with a number of PCs in theatres', Whitham told El Reg. 'This decision was taken by the IT Change Advisory Board to prevent further disruption in theatres which could have affected patient care.'
That IT Change Advisory Board could be the very people responsible for putting Microsoft Windows computers in the operating theatre in the first place. They're certainly going to have a lot to answer for.
Sheffield City Hospital tried to keep a lid on the scandal. Running Microsoft Windows in an operating theatre doesn't exactly bolster patients' confidence.
'Please note that this incident could over the next few days attract outside interest from the press... If you are at any time approached by anyone to give information relating to the current problem then please refer them to me in the first instance', Carol Hudson wrote in an internal memo.
Staff at the hospital thought otherwise and contacted El Reg instead.
No Worries, No Costs!
But the attack hasn't cost anyone anything, insist the capable IT managers at Sheffield. Brain-dead Whitham insists it's only been 'time and effort by the IT teams' - a remark guaranteed to provoke a response by the very people who blew the whistle.
And Hudson and Whitham are surprisingly very confident about the future.
'A lot of lessons have been learned during the outbreak and they are being fully documented and discussed to prevent a repeat', said Whitham and pointed to a document with the following printed at the top in big bold letters.
Don't. Use. Windows.
Resident idiots at hospitals together with Microsoft sales staff have to sooner or later be held accountable. By allowing Microsoft Windows to be used in their network the managers at Sheffield City Hospital have endangered the lives of their patients.
Don't ever trust your health to Microsoft Windows.
El Reg: Conficker seizes city's hospital network