Computer virus takes down Barts and the London

18 Nov 2008

A computer virus has infected Barts and The London NHS Trust, shutting down the computer system that runs its three hospitals for more than 24-hours.

The network went down on Monday lunchtime, taking out internet and email and other applications.

A trust spokesperson told E-Health Insider: "The virus attacked yesterday afternoon, and the IT department put in place procedures to tackle the outbreak, which they thought they had under control. But when staff logged on this morning, they found the virus was much more widespread than thought, so they then closed all but essential areas of the network and declared a major incident.”

The spokesperson added that systems are starting to come back up on a priority basis. "We should be back up in a day or so."

He also said the Cerner Millennium Care Record System was not affected and the trust's "well rehearsed" emergency procedures had been activated.

"Manual backup systems are in use, and we are in the process of restoring the computer systems, with priority being given to the most important areas for maintaining patients services," the spokesperson said.

“We have maintained a safe environment for our patients throughout the incident.”

Operating theatres and outpatient departments have remained operational, although some non essential activities have been scaled back. A&E remains open to walk in patients and ambulances are being diverted to neighbouring hospitals in the short term.

The trust said patient transport services “are likely to be disrupted by difficulties with computer systems."

Jon Hoeksma

Reader's Comments

Eliminate Malware by Controlling Application Use

18 Nov 08 22:43

Once again, the battle to protect a network from malware has proved insurmountable. We are now very aware that anti-virus applications alone cannot control this problem. Out of the 99% of enterprises with anti-virus protection, 62% still suffered a malware infection. (Yankee Group, 2005 Security Leaders and Laggards Survey)

One solution to consider, Application Control (white-listing) which provides granular, policy-based enforcement of application use to proactively secure endpoints from data leakage, malware, spyware, keyloggers, Trojans, rootkits, worms and viruses, zero-day threats and unwanted or unlicensed software.

Think about how you control this type of outbreak - by identifying the potential threats and stopping them or just stopping them from executing in the first place.

AV is so flawed

square_route@yahoo.com

19 Nov 08 12:52

Anti Virus vendors do not and can not keep up with the volume of signature based attcaks out there...when will someone listen to this??! People need to sit up and listen to the advice that a blend of solutions is needed to combat this type of problem...roll on user freindly Application Whitelisting!

worrying....

20 Nov 08 10:24

From other news feeds on this, this is a four year old virus! M$ released a patch for the exploit used by the virus over four years ago. I realise that organisations are hard pushed for resource, but windows updates can be deployed automatically in a controlled way - and this takes less time to setup than the clean up operation will take. The AV software must have been woefully out of date or misconfigured too for the infection to have this much of an impact.

I've been in this position before though, and I appreciate the difficulties of securing a large network in public buildings, not to mention all of the medical kit with embedded PC's that simply don't have (and the vendor won't allow) AV software. The guys dealing with the outbreak have my sympathy. I just hope this helps them get the tools and resource they need to stop it happening again.