Well, here's a piece of malware that's pulling a particularly vicious trick--infecting medical devices at hospitals around the world. The Conficker worm has infiltrated many critical medical devices, including MRI machines. To date, no patients seem to have been harmed, but no one's sure what's next.
In March, researchers monitoring Conficker discovered that it had colonized medical devices, when they noticed that an imaging machine put a call out over the Net, something a standard imaging device would never do. As it turned out, Conficker was researching out for instructions that cause it to rewrite itself, making the infection worse.
Once researchers discovered the anomaly with the imaging machine, they looked further, and found more than 300 similar devices at hospitals around the world that had been infected. What's more, thousands of other machines, including personal computers and medical devices within hospitals, were apparently networking with the central Conficker machine. At the peak of the infection, a working group estimates, there were more than 10 million devices infected worldwide.
The worm apparently slithered into the machines because they were using an unpatched version of Windows for embedded devices. Ordinarily, the fix would be simple--just install the darned patch. But given FDA rules, the manufacturer had to give 90 days notice before it could make the update. (Nice, huh?)
To learn more about Conficker:
- read this article from the San Jose Mercury-News