Mystery ‘virus’ disrupts New Zealand ambulance service
Malware sends operators back to manual communication
Staff at New Zealand’s St John’s Ambulance service were forced to coordinate emergency call-outs using manual radio systems last week after computers systems were hit by a mystery ‘virus’.
The disruption reportedly began on Wednesday when an unidentified piece of malware started affecting the systems used across the country for paging and radio communications with ambulances in the field, sending staff back to manual radio contact.
By Friday morning, engineers at what is the country’s main ambulance service had finally managed to restore these systems without identifying how the malware got inside the organisation’s security controls.
Related Articles on Techworld
"Anti-virus software protected the systems but as a result of the virus it impacted on some of the system's services, mainly those related to paging and radio. Back-up systems immediately took over when it was detected and the workload was managed manually," said ambulance communications chief, Alan Goudge to a New Zealand news source.
Exactly why some systems were downed while others survived is unclear but the fact that several centres were affected would suggest that the malware had the ability to spread within a network, which points to a worm component on one network segment.
Unnamed sources are now blaming an infection introduced by way of a USB stick. If so this will be only the latest organisation to be embarrassed by what are often quite basic but fast-spreading pieces of malware.
A month ago the Creech US Air Force in Nevada used to direct drone attacks against militants in Afghanistan was left red-faced by reports that non-critical computers had been hit by a worm. The malware turned out to be a simple keylogger for stealing gaming passwords and user names transferred on to the network from a portable storage device.
In 2008, the NHS in the UK got its own warning on the potential for trouble with the news that three London hospitals had to be shut for a period after record and admissions systems were disrupted by malware.