The St John Ambulance service in New Zealand fell victim to a computer virus infection last week, according to media reports, which disabled its automated response systems across the country.
The service, which provides 90% of the emergency and non-emergency ambulance cover for the New Zealand population, was struck by a malware attack on Wednesday forcing staff to allocate ambulances manually according to Alan Goudge, communications operations manager for the St John Ambulance service:
"Anti-virus software protected the systems but as a result of the virus it impacted on some of the systems services, mainly those related to paging and radio. Back-up systems immediately took over when it was detected and the workload was managed manually."
No details appear to have been made available about which precise piece of malware infected the ambulance service’s systems, or how it entered the network, but in all likelihood the attack was not targeted specifically at the organisation but simply included it amongst its victims.
It’s far from the first time that a medical service has grappled with malware infections.
For instance, the Mytob worm hit a number of London hospitals in 2008, and in 2005 the Northwest Hospital and Medical Center in north Seattle was hit in attack which shut down computers in the facility’s intensive care unit and prevented doctors’ pagers from working properly.
In that latter case, nurses were said to have run charts down hallways rather than transferring them electronically, computers in the facility’s intensive care unit were shut down and doctors’ pagers were prevented from working properly. A 21-year-old man was ultimately sentenced to three years in prison and fined a quarter of a million dollars in connection with the case.
The fact is that malware often doesn’t discriminate between who its victims might be. Whether you’re running a computer in your spare bedroom, or operating critical systems in a medical environment, your PC may still be at risk.
Anyone who still thinks that virus-writing is “mostly harmless” and only really impacts the foolish who don’t have backups, should consider what the possible consequences of taking down the systems of an ambulance emergency service might mean.