Dan Goodin reports:
The UK’s National Health Service has been hit by a voracious, data-stealing worm that’s easily detected by off-the-shelf security software, according to researchers who directly observed the mass compromise.
Researchers from anti-virus provider Symantec have been monitoring the Qakbot worm since last May and have documented its behavior here and here. On Thursday, after infiltrating two of the six servers used to collect pilfered data from infected machines, they provided an update that didn’t exactly instill confidence in the healthcare system.
“The logs show that there is a significant Qakbot infection on the National Health Service (NHS) network in the UK,” the Symantec update states. “This threat has managed to infect over 1,100 separate computers that are spread across multiple subnets within the NHS. We have attempted to contact the affected parties and have no evidence to show that any customer or patient data has been stolen.”
Not that Qakbot doesn’t have the ability to clean out the NHS if it wanted do.”
Read more in The Register.