Digital Common Sense

August 28, Security Focus — Bot network attacker gets three years for breaches. A federal court in Seattle sentenced Christopher Maxwell, a 21−year−old California man, to 37 months in prison and three years of supervised release on Friday, August 25, for compromising millions of computers in the process of creating a bot net. The automated attack that created the bot net infected systems at Seattle’s Northwest Hospital, the Department of Defense, and the Colton Unified School District, the U.S. Attorney’s Office for the Western District of Washington said in a statement. Maxwell and two co−conspirators used the bot net to install adware on the computers and earn more than $100,000 in affiliate advertising income. Among the effects of the computer infection at Northwest Hospital: Doors to the operating room failed to open, pagers did not work, and computers in the intensive care unit were disrupted.
Source: http://www.securityfocus.com/brief/290

Aside: I can’t help but wonder which hospital bonehead allows computers in ICU to be connected to an unprotected networks where they could become infected with bot zombies. Sounds to me like there should be an opening for a competent network security manager somewhere near me. Everything I’ve seen in every article about this case implies utter incompetence on the part of the Northwest Hospital IT security staff

Technorati Tags: Northwest Hospital, Infosec, bot network

Filed by Ken at 8:29 am under InfoSec