Computer worm wreaked havoc at federal health agency
Last Updated: Monday, March 31, 2008 | 12:12 PM ET
The Canadian Press
Related
The federal agency that helps protect Canadians against epidemics came down with a devastating case of computer cramps last year that could have put lives at risk.
Hundreds of computers at the Public Health Agency of Canada fell victim to a "worm," a bit of malicious software that nearly brought operations to a halt.
The infection began with just a few computers but spread like a Prairie grass fire, eventually knocking out 1,308 work stations in three cities and taking more than a month to eradicate, say newly released documents.
The "worm" also spread to Health Canada when infected agency computers tapped into the bigger department's data network, disabling 543 additional work stations in five of Health Canada's Ottawa-area offices.
The attack is estimated to have cost the agency up to $1.5 million, including down time for employees made idle by their ailing work stations. More than 50 technicians and other experts struggled for weeks to contain the damage.
A Nov. 26, 2007, post-mortem report on the emergency warned that "the total cost of this incident could have been higher if this event occurred during a time of public health crisis, including loss of life."
The Canadian Press reviewed a 600-page file on the attack obtained through the Access to Information Act.
Error messages began chain of events
The trouble began mid-afternoon on Monday, Jan. 15, last year when a few computer users at the agency and at Health Canada reported getting error messages.
The next day, at least 50 users were unable to connect to the shared Health Canada network. By the following week, up to 80 per cent of work stations at the Public Health Agency of Canada were infected in Winnipeg, Guelph, Ont., and the Ottawa area.
"Any documentation residing on the network, desktop, computer or server could have been compromised; most of network was affected," says an "injury assessment" from Feb. 8.
Government protocols require that sensitive, confidential information about patients, doctors, drugs, and so forth be stored on a highly secure server. But the injury assessment noted that "there is a lack of technical and administrative controls to control and audit the unauthorized storage of information on corporate desktops."
The released file suggests officials could not determine for certain whether confidential information leaked out.
And spokespersons for the public health agency and for Health Canada did not immediately respond to requests for comment and clarification, such as what kinds of sensitive information was placed at risk by the worm infestation.
The post-mortem report said officials were not able to identify the precise origin of the attack, but noted that it spread rapidly by exploiting known vulnerabilities in Microsoft Windows and in Symantec Client Security and Antivirus software.
Fixes, or patches, had been available to repair the vulnerabilities well before the worm attack "but were not rolled out to desktops prior to the outbreak."
The agency eventually brought in outside help, the consulting firm Third Brigade, which fought the persistent worm for 26 days. "In some cases, the machines were re-infected within 30 seconds of being cleaned," the company said in a report.
Unlike software viruses, which attach themselves to programs and files, worms are designed by hackers as stand-alone entities to interfere with computer operations.
They propagate through e-mail or weak security points in common software and, once in place, can be used by the attacker to remotely access sensitive, confidential information.
The worm that attacked the agency (W32/IRCBot-TO) was first identified in January 2007, joining thousands of other worms that have been launched into cyberspace over the last few years.
Share Tools
Top News Headlines
- Markets gain after Greece approves austerity plan
- World stock markets rise after Greece's parliament approves a new set of austerity measures that were required by international lenders in exchange for an emergency bailout. more »
- Quebec town 'heartbroken' after killing of woman, sisters
- A small Quebec town is in mourning Sunday after a Quebec man was charged with killing his nieces and his mother, who were found dead in their family home. more »
- Hit and run victim's family fears accused will walk
- The family of a young mother killed in a hit and run is outraged that the case against the alleged driver is among thousands in B.C. at risk of being thrown out because of a huge court backlog. more »
- Neil Macdonald: The death penalty debate America isn't having
- Texas's death row archive is a troubling document, not the least for what it doesn't say about those who may be wrongfully convicted, Neil Macdonald writes. more »
Latest Health News Headlines
- Electric boost helps brain learn
- People learned better when a key part of their brains got mild zaps of electricity, a finding that may someday help Alzheimer's patients keep more of their memories. more »
- Quebec takes on bullying
- The Quebec government is introducing new measures to counter bullying in schools. more »
- Smoking pot doubles car accident risk
- Smoking marijuana a couple of hours before you drive almost doubles your chances of having a serious car crash, say Canadian researchers. more »
- Teddy bear sale raises money for charity
- The family of a Vancouver school teacher who died of cancer sells off her teddy bear collection to raise money for charity. more »
FEATURED HEALTH
- Adele wins best album, best record Grammys
- Houston autopsy results withheld by police
- Quebec town 'heartbroken' after killing of woman, sisters
- Greece passes new austerity deal amid rioting
- Pop queen Whitney Houston dies at 48
- Northern lights viewed from space
- Manitoba man dies after falling off moving SUV
- Doors blocked in fatal Manitoba trailer blaze
- Former Stanley Park petting zoo goats feared slaughtered
