Conficker worm found in hospital equipment

The worm, known as “Conficker,” has not harmed any patients, they say, but it poses a potential threat to hospital operations.

“A few weeks ago, we discovered medical devices, MRI machines, infected with Conficker,” said Marcus Sachs, director of the Internet Storm Center, an early-warning system for Internet threats .

Around March 24, researchers monitoring the worm noticed that an imaging machine was reaching out over the Internet to get instructions — presumably from the programmers who created Conficker.

The researchers discovered that more than 300 similar devices at hospitals around the world had been compromised. The manufacturer of the devices told them none of the machines were supposed to be connected to the Internet — and yet they were.

Normally, the solution would be simply to install a patch, which Microsoft released in October. But the device manufacturer said rules from the U.S. Food and Drug Administration required that a 90-day notice before the machines could be patched.

“For 90 days these infected machines could easily be used in an attack, including, for example, the leaking of patient information,” said Rodney Joffe, a senior vice president at NeuStar, a communications company that belongs to an industry working group created to deal with the worm.