Computers and public health: as the worm turns

A viral infection with serious public health consequences occurred in Canada on January with little publicity:

Hundreds of computers at the Public Health Agency of Canada fell victim to a "worm," a bit of malicious software that nearly brought operations to a halt.

The trouble began Monday, Jan. 15, 2007, when a few computer users at the agency and at Health Canada reported getting error messages. The worm eventually knocked out 1,308 or 80 per cent of work stations in three cities and took more than a month to eradicate, say newly released documents.

The attack is estimated to have cost the agency up to $1.5-million, including down time for employees made idle by their ailing work stations. More than 50 technicians and other experts struggled for weeks to contain the damage.

A Nov. 26, 2007, post-mortem report on the emergency warned that "the total cost of this incident could have been higher if this event occurred during a time of public health crisis, including loss of life." (Canadian Press; link now behind subscription firewall)

Technically a computer virus and a computer worm are different. From the computer hygiene point of view, however, they both represent a propagating piece of computer malware that does damage to the community. Public health, like many other community services, has become increasingly dependent on digital communication systems. Few if any public health authorities have their own cyber security expertise and with budgets getting tighter and tighter it isn't likely many will acquire it.

This just piles one more vulnerability onto public health at a time when it is tottering towards collapse, or at best, a vegetative existence.

NB to taxpayers: you get what you pay for.

More like this

This is a brief chronology of the current Conservative Canadian government's long campaign to undermine evidence-based scientific, environmental and technical decision-making. It is a government that is beholden to big business, particularly big oil, and that makes every attempt to shape public…
11/11 is to be the new 9/11, according to the jihad-watchers at href="" rel="tag">DEBKAfile.   href="">DEBKAfile Exclusive: Al Qaeda declares Cyber Jihad on the West October 30, 2007, 9:23 AM (GMT+02:00) In a special Internet…
If you've ever wondered how spammers got your email address, the answer might be that you gave it to them by following a link you thought had important or interesting information. We all know the kind of "interesting" information people will follow. Sex is the biggest business on the internet. But…
by Kim Krisberg "CQ, CQ Celebrating National Public Health Week!" "CQ, CQ Celebrating National Public Health Week!" If you're an aficionado of amateur radio -- or ham radio as it's also known -- this is the call you might hear coming out of Oklahoma City on April 6. In layman's terms, it means "…

Psst... humorous typo in the title of this post.

caia: LOL. I knew I'd do that one of these days. Thanks.

Missing from most of these stories is the fact that these infections all take place on Microsoft Windows computers which by poor design are vulnerable to viruses, trojans and other malware.
Switching to Linux or Unix based computers would prevent these problems (along with many other savings).

Don't want to get into a which computer is best argument but fewer viruses target macs.

Both the comments by Mark and Indigo are partially correct.

The problem is largely due to the fact that the vast majority of computers on the web run the same Operating System (OS) Right now, malware makers target Windows XP because that's where they get the biggest result for their efforts.

In effect, we have not just a mono-culture in computer operating systems but effectively a vast population of clones. Any "pathogen" that can infect one can infect pretty much all of them. You might further stretch the analogy by comparing security software with immunizations. Unfortunately, the infectious agents are out-evolving the protections. I don't see this arms race ending any time soon.

A system that runs a non-Windows OS will dodge most malware. This goes for all the *-nix systems including Macintosh, BSD, Solaris and Linux. There is nothing magical about it, they are just usually aren't worth the extra effort when there's so much low-hanging fruit.

excellent response Jim Gwyn, if the majority of businesses, governments, and home users switched to Mac, or unix based systems, the bad guys would simply target those. But that isn't what Mark means, Mark means Microsoft is bad, evil, and horrible. It amazes me that a software company that markets such shoddy products can stay in business and just about corner the market. Mark also probably hates WalMart. If Mark is old enough he probably used to hate IBM. I'm pretty darn sure he hates Exxon now.

By pauls lane (not verified) on 24 Apr 2008 #permalink

Couple of points: (first I typed pints, and that is OK, too...)I'm a geek. In my spare time, I run a service that fixes computers, and most of what I do is remove malware. For the most part, people are stupid. Even after they are told (and shown, and given an easy way to do so), they don't bother to protect their computers from infections. And I say what the hell, I get $50 for cleaning them up. On a larger scale, I say WHAT THE HELL ARE YOU DOING??? to the IT departments that should be maintaining corporate (or, for instance, Health Canada's) computers. It shouldn't come as a shock that malware is out there. 99+% of it is prevented by most of the anti-malware products available. (I have my favorites and my villains, but that is for another time).If you get your machine infected, bad on you. If your machine infects your network, your IT guy should be fired. And I say this with little respect for (most of) my personal agency's IT people, and in the full knowledge that their anti-malware system is actually pretty good. It is the rest of their policies that chafe my butt. (But then, I'm a geek...)