View My Shopping Cart

Virus Attacks Hospital’s Medical Laboratory Department Computers, Crippling Workflow and Spreading to Other Departments

Incident highlights need for anatomic pathology and clinical laboratories to protect computer and LIS systems from hackers and malware

Anatomic pathology labs and clinical laboratories that continue to run Microsoft Windows XP on their computer systems now have a real threat to address. In Australia, the computers in a hospital’s medical laboratory were infected in January with a computer virus that shut down the system. To maintain clinical services, the lab staff was forced to use paper-based methods, among other solutions.

The computer virus crippled the pathology department at the Royal Melbourne Hospital and spread throughout the hospital system by targeting computers running Microsoft Windows XP. This is a 14-year-old operating system that Microsoft no longer supports.

According to a story in iTnews, the Qbot malware first infected computers in Royal Melbourne Hospital’s pathology department in mid-January, handcuffing the pathology department. Staff was forced to develop manual workarounds to process specimens and to record and communicate results.

Hospital Clinical Pathology Department Resorts to Non Electronic Processes

“This has slowed down the process and we have reverted to old-fashioned methods with paper-based records and phoning through and faxing results,” stated Chris MacIsaac, MBBS, PhD, Royal Melbourne Hospital Divisional Director of Critical Care & Investigative Services, in a report by a local Australian news outlet.

iTnews reported that the virus had infiltrated the pathology department through an “unnamed zero-day exploit in the Windows XP computers,” unstopped by the health system’s enterprise software suite. Pulse+IT pointed out that the majority of personal computers in Royal Melbourne’s pathology department run on Windows XP, while the LIS runs on Windows Server 2003.

“The worm had infected other machines in the hospital running newer operating systems, but when it infected an XP machine, it effectively killed it,” a source told Pulse+IT. “However, the hospital also has a few PCs attached to aged medical equipment running on Windows NT that are still working fine.”

Chris MacIsaac, MBBS, PhD, Royal Melbourne Hospital Divisional Director of Critical Care & Investigative Services, said the malware attack on Royal Melbourne Hospital forced the pathology department to revert to “old-fashioned methods” to provide time-critical results while the laboratory’s Windows XP computers were shutdown by the Qbot virus. (Photo copyright: Epworth Healthcare.)

Chris MacIsaac, MBBS, PhD, Royal Melbourne Hospital Divisional Director of Critical Care & Investigative Services, said the malware attack on Royal Melbourne Hospital forced the pathology department to revert to “old-fashioned methods” to provide time-critical results while the laboratory’s Windows XP computers were shutdown by the Qbot virus. (Photo copyright: Epworth Healthcare.)

Qbot Virus Hard to Kill, Hospital Defeats Infection; No Patients Harmed

Once introduced into an operating system, the Qbot virus, which typically attacks banking systems, can steal passwords and capture user keystrokes. The malware then also adds those infected machines to a global network of compromised computers, iTnews stated.

The malware stopped Royal Melbourne Hospital staff from accessing patient medical laboratory test results and impacted food service and other services. However, the security of patient medical records was not compromised. Elective surgeries and outpatient appointments continued on schedule during the crisis, ZDNet reported.

In a January 19 statement, the hospital claimed most of the facility’s computers were now “clear of the virus” and noted that the pathology (medical laboratory) and pharmacy departments were “up and running.”

“While the virus has been disruptive to the organization, due to the tireless work of staff we have been able to minimize this disruption to our patients and ensure patient safety has been maintained,” the hospital said in a news release.

However, ZDNet reported on February 2 that the two-week old Qbot virus “still hasn’t been fixed and continues to mutate.”

“We had one day in the last week where the virus mutated six times,” stated Melbourne Health Chairman Robert Doyle, Melbourne’s 103rd Lord Mayor, in the ZDNet article. “We are down to quite small outbreaks now, but we are trying to stop it talking across computers,” Melbourne concluded.

Melbourne Health Criticized for Using Antiquated Computers

In a blog post, blueAPACHE, an IT management, strategy, and convergence services provider in Australia, New Zealand, and North America, criticized Melbourne Health, which manages Royal Melbourne Hospital, for relying on the Windows XP operating system for services that impact patient health and operations.

“Without the regular security patches and updates from Microsoft, the operating system becomes a playground for hackers to exploit,” blueAPACHE pointed out.

blueAPACHE further noted that, with the introduction of Software as a Service (SaaS) and Desktop as a Service (DaaS) software models, it is no longer cost prohibitive to roll out upgraded technology systems.

“The excuses for not maintaining systems and inadvertently creating high-risk IT environments are simply no longer valid,” blueAPACHE stated in the blog post.

Melbourne Health Chairman Robert Doyle acknowledged that the malware that infiltrated Royal Melbourne Hospital’s computer system “mutated” six times before the virus was under control. (Photo copyright: Nous Group.)

Melbourne Health Chairman Robert Doyle acknowledged that the malware that infiltrated Royal Melbourne Hospital’s computer system “mutated” six times before the virus was under control. (Photo copyright: Nous Group.)

Government Pays Millions to Extend Software Support

In fact, organizations have paid Microsoft millions of dollars for continued support of outdated operating systems. ZDNet noted that the U.S. Navy agreed to pay Microsoft an estimated $9 million for three years of additional support for its Windows XP, Office 2003, Exchange 2003, and Service 2003 systems.

According to iTnews, Melbourne Health had begun a long-term upgrade of its Windows XP machines, with 2,200 of its 4,000 machines upgraded to Windows 7 prior the malware attack. Upgrades of the remaining computers now have been accelerated.

Attacks like these are an urgent reminder that hospitals, medical laboratories, and anatomic pathology groups must take the steps necessary to protect their computerized information systems from eventual intrusion by hackers and malware. Because of the potential for patient harm from hackers attacking lab computers, these steps should be taken with urgency.

—Andrea Downing Peck

Related Information:

Bug That Infected Royal Melbourne Hospital Is a Qbot Worm

Malware Attacks Melbourne Health Systems

Qbot Malware Downed Melbourne Health’s Systems

Virus Cripples Royal Melbourne Hospital Pathology

Virus Takes Down Melbourne Health’s Computer System

Qbot Virus Still Attacking Royal Melbourne Hospital

Melbourne Health Is Managing a Computer Virus Which Affected Its Computer Network

Leave a Reply

Your email address will not be published. Required fields are marked *


Copyright © 2017-2019 the Dark Intelligence Group, Inc. All rights reserved. Reproduction in whole or part without permission is prohibited. We Value Your Privacy! The Dark Intelligence Group will never sell, rent or otherwise abuse your email address. It will be used solely for the purpose of sending you the Dark Daily newsletter and updates about the Dark Daily. Should you wish to unsubscribe at any time, instructions are included with each email for immediate removal from the Dark Daily newsletter subscriber file.