Computers and public health: as the worm turns

A viral infection with serious public health consequences occurred in Canada on January with little publicity:

Hundreds of computers at the Public Health Agency of Canada fell victim to a "worm," a bit of malicious software that nearly brought operations to a halt.

The trouble began Monday, Jan. 15, 2007, when a few computer users at the agency and at Health Canada reported getting error messages. The worm eventually knocked out 1,308 or 80 per cent of work stations in three cities and took more than a month to eradicate, say newly released documents.

The attack is estimated to have cost the agency up to $1.5-million, including down time for employees made idle by their ailing work stations. More than 50 technicians and other experts struggled for weeks to contain the damage.

A Nov. 26, 2007, post-mortem report on the emergency warned that "the total cost of this incident could have been higher if this event occurred during a time of public health crisis, including loss of life." (Canadian Press; link now behind subscription firewall)

Technically a computer virus and a computer worm are different. From the computer hygiene point of view, however, they both represent a propagating piece of computer malware that does damage to the community. Public health, like many other community services, has become increasingly dependent on digital communication systems. Few if any public health authorities have their own cyber security expertise and with budgets getting tighter and tighter it isn't likely many will acquire it.

This just piles one more vulnerability onto public health at a time when it is tottering towards collapse, or at best, a vegetative existence.

NB to taxpayers: you get what you pay for.

More like this

Many of my readers may recall that back in October I published a post announcing the Draft Open Access Policy consultation process launched by the Canadian Tri-Councils -- Social Sciences & Humanities Research Council, Natural Sciences & Engineering Research Council and Canadian Institutes…
We have a Steacie Library Hackfest coming up and our there this year is Making a Difference with Data. And what better area to make a difference in than the environment and climate change? I am far from an expert on this topic, so suggestions for additions (and deletions if I've added anything…
Mercury is a neurotoxin. Neurotoxins are bad for developing nervous systems. Therefore . . . Five "hotspots" of mercury contamination posing a risk to human health have been found in the eastern states of the US and eastern provinces of Canada. Average mercury concentrations in many of the region'…
It is not news that the Atlanta lawyer who had/didn't have Extremely Drug Resistant TB early in the year didn't infect anyone when he flew -- against advice or was it against orders? -- from Europe back to the US via Canada and through New York despite a no fly (or not?) order from CDC (or DHS?).…

Psst... humorous typo in the title of this post.

caia: LOL. I knew I'd do that one of these days. Thanks.

Missing from most of these stories is the fact that these infections all take place on Microsoft Windows computers which by poor design are vulnerable to viruses, trojans and other malware.
Switching to Linux or Unix based computers would prevent these problems (along with many other savings).

Don't want to get into a which computer is best argument but fewer viruses target macs.

Both the comments by Mark and Indigo are partially correct.

The problem is largely due to the fact that the vast majority of computers on the web run the same Operating System (OS) Right now, malware makers target Windows XP because that's where they get the biggest result for their efforts.

In effect, we have not just a mono-culture in computer operating systems but effectively a vast population of clones. Any "pathogen" that can infect one can infect pretty much all of them. You might further stretch the analogy by comparing security software with immunizations. Unfortunately, the infectious agents are out-evolving the protections. I don't see this arms race ending any time soon.

A system that runs a non-Windows OS will dodge most malware. This goes for all the *-nix systems including Macintosh, BSD, Solaris and Linux. There is nothing magical about it, they are just usually aren't worth the extra effort when there's so much low-hanging fruit.

excellent response Jim Gwyn, if the majority of businesses, governments, and home users switched to Mac, or unix based systems, the bad guys would simply target those. But that isn't what Mark means, Mark means Microsoft is bad, evil, and horrible. It amazes me that a software company that markets such shoddy products can stay in business and just about corner the market. Mark also probably hates WalMart. If Mark is old enough he probably used to hate IBM. I'm pretty darn sure he hates Exxon now.

By pauls lane (not verified) on 24 Apr 2008 #permalink

Couple of points: (first I typed pints, and that is OK, too...)I'm a geek. In my spare time, I run a service that fixes computers, and most of what I do is remove malware. For the most part, people are stupid. Even after they are told (and shown, and given an easy way to do so), they don't bother to protect their computers from infections. And I say what the hell, I get $50 for cleaning them up. On a larger scale, I say WHAT THE HELL ARE YOU DOING??? to the IT departments that should be maintaining corporate (or, for instance, Health Canada's) computers. It shouldn't come as a shock that malware is out there. 99+% of it is prevented by most of the anti-malware products available. (I have my favorites and my villains, but that is for another time).If you get your machine infected, bad on you. If your machine infects your network, your IT guy should be fired. And I say this with little respect for (most of) my personal agency's IT people, and in the full knowledge that their anti-malware system is actually pretty good. It is the rest of their policies that chafe my butt. (But then, I'm a geek...)