Computer virus shuts down Ambulance dispatch service

[Don McKenzie]

Computer virus shuts down Ambulance dispatch service

The Ambulance Service of NSW computer dispatch system became infected by a virus at about 1pm (AEDT) on Saturday,
forcing staff to shut it down and revert to co-ordinating the state's paramedics and ambulances via a manual paper-based
system.

The cause and source of the virus were unknown and the system was still offline at 1pm (AEDT) on Sunday and it was not
known when it would be back up and running, Willis said.

http://www.arnnet.com.au/article/376471/computer_virus_shuts_down_ambulance_dispatch_service/

HUH?
Could they possibly be running a windows Operating System, without full back up and recovery, for an ambulance dispatch
system?

Cheers Don...

=====================


--
Don McKenzie

Site Map: http://www.dontronics.com/sitemap
E-Mail Contact Page: http://www.dontronics.com/email
Web Camera Page: http://www.dontronics.com/webcam
No More Damn Spam: http://www.dontronics.com/spam

These products will reduce in price by 5% every month:
http://www.dontronics-shop.com/minus-5-every-month.html
http://www.dontronics-shop.com/ics.html

Bare Proto PCB for PIC or AVR projects?
"I'd buy that for a Dollar!".

 

[Petzl]

On Mon, 14 Feb 2011 06:23:17 +1100, Don McKenzie <5V@2.5A> wrote:

http://www.arnnet.com.au/article/376471/computer_virus_shuts_down_ambulance_dispatch_service/

HUH?
Could they possibly be running a windows Operating System, without full back up and recovery, for an ambulance dispatch
system?

On a Sunday doubt if anyone working would be allowed to?
Most IT have they network so crippled no one wants to use it anyhow
--
Petzl
http://home.iprimus.com.au/petzl/Mono.htm

 

[SG1]

"Petzl" <petzlx@gmail.com> wrote in message
news:bodgl6dqv9j95feu9isr4fi6eovj0dgrgo@4ax.com...

On Mon, 14 Feb 2011 06:23:17 +1100, Don McKenzie <5V@2.5A> wrote:

http://www.arnnet.com.au/article/376471/computer_virus_shuts_down_ambulance_dispatch_service/

HUH?
Could they possibly be running a windows Operating System, without full
back up and recovery, for an ambulance dispatch
system?

On a Sunday doubt if anyone working would be allowed to?
Most IT have they network so crippled no one wants to use it anyhow

Could you retype that last sentance in English that makes a modicum of
sense, thank you.

--
Petzl
http://home.iprimus.com.au/petzl/Mono.htm

 

[Petzl]

On Mon, 14 Feb 2011 06:56:15 +1000, "SG1" <lostitall@the.races> wrote:

"Petzl" <petzlx@gmail.com> wrote in message
news:bodgl6dqv9j95feu9isr4fi6eovj0dgrgo@4ax.com...
On Mon, 14 Feb 2011 06:23:17 +1100, Don McKenzie <5V@2.5A> wrote:

http://www.arnnet.com.au/article/376471/computer_virus_shuts_down_ambulance_dispatch_service/

HUH?
Could they possibly be running a windows Operating System, without full
back up and recovery, for an ambulance dispatch
system?

On a Sunday doubt if anyone working would be allowed to?
Most IT have their network so crippled no one wants to use it anyhow

Could you retype that last sentance in English that makes a modicum of
sense, thank you.

--
Petzl
http://home.iprimus.com.au/petzl/Mono.htm

 

[atec77]

On 14/02/2011 6:57 AM, Petzl wrote:

On Mon, 14 Feb 2011 06:56:15 +1000, "SG1"<lostitall@the.races> wrote:


"Petzl"<petzlx@gmail.com> wrote in message
news:bodgl6dqv9j95feu9isr4fi6eovj0dgrgo@4ax.com...
On Mon, 14 Feb 2011 06:23:17 +1100, Don McKenzie<5V@2.5A> wrote:

http://www.arnnet.com.au/article/376471/computer_virus_shuts_down_ambulance_dispatch_service/

HUH?
Could they possibly be running a windows Operating System, without full
back up and recovery, for an ambulance dispatch
system?

On a Sunday doubt if anyone working would be allowed to?
Most IT have their network so crippled no one wants to use it anyhow

Could you retype that last sentance in English that makes a modicum of
sense, thank you.
read it again

anyone with a modicum of comprehension will manage it

--
Petzl
http://home.iprimus.com.au/petzl/Mono.htm

--
X-No-Archive: Yes

 

[John Tserkezis]

atec77 wrote:

On a Sunday doubt if anyone working would be allowed to?
Most IT have their network so crippled no one wants to use it anyhow

Could you retype that last sentance in English that makes a modicum of
sense, thank you.

read it again
anyone with a modicum of comprehension will manage it

Best I could make out was that even at the best of times (worse still
on Sundays), all IT administrators are such utter bastards, that they
block innocent sites such as Twitter, Myspace, FriendFace, gmail and all
porn sites from their corporate networks, the users have to wait till
they get home to use their own ISP (or steal it from their neighbours)
before they can whine on usenet about how hard off they.

Is that about the gist of it?
--
I got arrested in LA and boy am I beat!

 

[Petzl]

On Mon, 14 Feb 2011 09:45:56 +1100, John Tserkezis
<jt@techniciansyndrome.org.invalid> wrote:

Best I could make out was that even at the best of times (worse still
on Sundays), all IT administrators are such utter bastards, that they
block innocent sites such as Twitter, Myspace, FriendFace, gmail and all
porn sites from their corporate networks, the users have to wait till
they get home to use their own ISP (or steal it from their neighbours)
before they can whine on usenet about how hard off they.

Not that hard was it
--
Petzl
What perfect set of circumstances placed our Sun a Celestial ball of fire at just the correct distance from our little blue planet for life to evolve?
All simply conicidence? The very fact we exist is nothing but the result of a complex yet inevitable string of chemical accidents and biological mutations?
There is no Grand meaning; There is no purpose

 

[Sylvia Else]

On 14/02/2011 6:23 AM, Don McKenzie wrote:

Computer virus shuts down Ambulance dispatch service

The Ambulance Service of NSW computer dispatch system became infected by
a virus at about 1pm (AEDT) on Saturday, forcing staff to shut it down
and revert to co-ordinating the state's paramedics and ambulances via a
manual paper-based system.

The cause and source of the virus were unknown and the system was still
offline at 1pm (AEDT) on Sunday and it was not known when it would be
back up and running, Willis said.

http://www.arnnet.com.au/article/376471/computer_virus_shuts_down_ambulance_dispatch_service/


HUH?
Could they possibly be running a windows Operating System, without full
back up and recovery, for an ambulance dispatch system?

In any case, critical systems shouldn't be connected to the internet,
and there should be an absolute ban (sacking on first offence) on
loading unauthorised software.

Sylvia.

 

[John Tserkezis]

Petzl wrote:

Best I could make out was that even at the best of times (worse still
on Sundays), all IT administrators are such utter bastards, that they
block innocent sites such as Twitter, Myspace, FriendFace, gmail and all
porn sites from their corporate networks, the users have to wait till
they get home to use their own ISP (or steal it from their neighbours)
before they can whine on usenet about how hard off they.

Not that hard was it

I get that bit, what I don't get is how you gleaned that assumption
about the Ambulance service, what it has to do with them, and more
importantly, how do you know how they work to be able to make the
assumption that their IT administrators are utter totalitarian bastards.
Or lazy smucks who don't care about network security.

The original report doesn't give enough to point to either conclusion.
--
The Hubbell works fine; all that stuff IS blurry!

 

[Swanny]

On 14/02/2011 6:23 AM, Don McKenzie wrote:

Computer virus shuts down Ambulance dispatch service

The Ambulance Service of NSW computer dispatch system became infected by
a virus at about 1pm (AEDT) on Saturday, forcing staff to shut it down
and revert to co-ordinating the state's paramedics and ambulances via a
manual paper-based system.

The cause and source of the virus were unknown and the system was still
offline at 1pm (AEDT) on Sunday and it was not known when it would be
back up and running, Willis said.

http://www.arnnet.com.au/article/376471/computer_virus_shuts_down_ambulance_dispatch_service/


HUH?
Could they possibly be running a windows Operating System, without full
back up and recovery, for an ambulance dispatch system?

Cheers Don...

=====================

There were problems when the system was initially installed a couple of
decades ago. I think there was even a 4-Corners program about how poor
the system was.

There was a recent tender for upgrades as well, and this sheds some
light into the operational system architecture.


From
http://www.computerworld.com.au/article/5307/nsw_ambulance_service_seeks_data_centre_cure/

The core operational systems and services used by the service for call
taking and dispatching are VisiCAD version 1.10 for the primary
ambulance dispatch system to identify incident locations, and real-time
visual tracking of vehicles; a Genesys and Alcatel computer telephony
integration; CDAT to receive the matching Telstra Eclipse Data
associated with 000 emergency calls received through the Telstra
network; the Inter-CAD Electronic Messaging System (ICEMS) to allow
agency CAD systems to send and receive CAD jobs; an in-house, Web-based
electronic booking system to schedule non-urgent patient transport; a
the mobile data interface by which data is sent and received between the
operations centre CAD system and ambulance mobile data terminals via
several data radio networks.

The ICEMS protocol has been developed and tested by the NSW Fire
Brigades and Ambulance Service and will be deployed between those and
NSW Police with the next twelve months.

Other systems that integrate into the CAD system include: paging and
SMS, priority dispatch software, a custom Windows DLL for clinical
decision support, a call taking quality assurance application and the
Higher Ground voice recording application.

The service operates a centralized data warehouse which is continuously
updated with all VisiCAD and related data from each of the operations
centres for backup, DR and reporting purposes. Live operational data is
replicated in real time to a central data store at Rozelle in Sydney.
Replication covers all CAD SQL data and most of the other data sources.

In addition to the CAD data warehouse, the tender requests Genesys data
marts from each centre to be deposited into a central data mart.

The DR equipment is expected to be a mirror of the primary CAD data
centre, including three fully-populated blade enclosures; however, if
blades are not used then the equivalent would be about 50 HP
rack-mounted servers. There are also six stratus fault tolerant servers.
For storage an EMC SAN with between 30 to 40 disks is used.

 

[terryc]

Don McKenzie wrote:

HUH?
Could they possibly be running a windows Operating System,

Almost definitely.

without full
back up and recovery, for an ambulance dispatch system?

Wouldn't fix this problem. you need to remove the "infection"

Sigh, the number of places that have "virus protection". It was
installed three years ago but never updated or maintained.

 

[terryc]

Petzl wrote:

Most IT have they network so crippled no one wants to use it anyhow

If it was properly crippled, then this should not have happened.

 

[terryc]

Sylvia Else wrote:

In any case, critical systems shouldn't be connected to the internet,

We all know that, but they continue to do it.
Which is it; their maps are google maps or where is it?

 

[terryc]

Swanny wrote:

taking and dispatching are VisiCAD version 1.10 for the primary

It is based on a Computer Aided DRAWING system?

ambulance dispatch system to identify incident locations, and real-time
Genesys

The original Genesys?

 

[Sylvia Else]

On 14/02/2011 10:54 AM, terryc wrote:

Don McKenzie wrote:

HUH?
Could they possibly be running a windows Operating System,

Almost definitely.

without full back up and recovery, for an ambulance dispatch system?

Wouldn't fix this problem. you need to remove the "infection"

A full reinstall and restore from a backup made before the infection
would do it. Mind you, determining when the infection occurred might be
difficult.

Perhaps just a full reinstall. It's an ambulance dispatch system - what
happened yesterday is already history.

Sylvia.

 

[terryc]

Sylvia Else wrote:

A full reinstall and restore from a backup made before the infection
would do it. Mind you, determining when the infection occurred might be
difficult.

Perhaps just a full reinstall. It's an ambulance dispatch system - what
happened yesterday is already history.

Sigh, it is a network?
Ever recovered a network from a virus installation?
Thought not.

 

[Sylvia Else]

On 14/02/2011 12:05 PM, terryc wrote:

Sylvia Else wrote:

A full reinstall and restore from a backup made before the infection
would do it. Mind you, determining when the infection occurred might
be difficult.

Perhaps just a full reinstall. It's an ambulance dispatch system -
what happened yesterday is already history.

Sigh, it is a network?
Ever recovered a network from a virus installation?
Thought not.

Isolate each computer. Do a re-install on each computer. Only reconnect
computers to the network after a re-install.

Routers should be OK unless they've been set up to be remotely
reprogrammable, which they shouldn't be.

Sylvia.

 

[Don McKenzie]

On 14-Feb-11 10:54 AM, terryc wrote:

Don McKenzie wrote:

HUH?
Could they possibly be running a windows Operating System,

Almost definitely.

without full back up and recovery, for an ambulance dispatch system?

Wouldn't fix this problem. you need to remove the "infection"

FULL means FULL.

My service provider backs up my FULL server (http://server.the-wizard-from-oz.com/) every 4 hours, and saves 30 days of
these backups. The system is capable of providing hundreds of recovery points per day. I have access to restore a
backup, from any point at any time.

And I'm running a 2 bob shopping cart, not a life critical ambulance dispatch system.
http://www.ewdhosting.com/backup_system.html
http://www.ewdhosting.com/managed-vps-hosting.html

And as far as individual PC backup is concerned, I doubt if anyone is more paranoid than I am about having enough FULL
backups available. It started when my wife unplugged my 4K PC in 1978, so she could plug her iron into a double adapter.
I lost about 8 hours work.

Cheers Don...

==========================


--
Don McKenzie

Site Map: http://www.dontronics.com/sitemap
E-Mail Contact Page: http://www.dontronics.com/email
Web Camera Page: http://www.dontronics.com/webcam
No More Damn Spam: http://www.dontronics.com/spam

These products will reduce in price by 5% every month:
http://www.dontronics-shop.com/minus-5-every-month.html
http://www.dontronics-shop.com/ics.html

Bare Proto PCB for PIC or AVR projects?
"I'd buy that for a Dollar!".

 

[Don McKenzie]

On 14-Feb-11 6:23 AM, Don McKenzie wrote:

Computer virus shuts down Ambulance dispatch service

Very hard to say what happened until we hear what O/S was being used, how it was infected, and how it was fixed.

Latest in:
http://www.heraldsun.com.au/news/breaking-news/nsw-ambulance-computers-back-after-virus/story-e6frf7jx-1226005577251

General manager Mike Willis said the time it took to fix the problem was "regrettable".
"It has been a long time coming back online," he told Fairfax Radio Network this morning.
"That's regrettable. But I'll say we wouldn't allow the system to be turned back on until our technicians cleaned every
workstation." The cause and source of the virus was still not known, he said

So, it has "Workstations".

Cheers Don...

===================



--
Don McKenzie

Site Map: http://www.dontronics.com/sitemap
E-Mail Contact Page: http://www.dontronics.com/email
Web Camera Page: http://www.dontronics.com/webcam
No More Damn Spam: http://www.dontronics.com/spam

These products will reduce in price by 5% every month:
http://www.dontronics-shop.com/minus-5-every-month.html
http://www.dontronics-shop.com/ics.html

Bare Proto PCB for PIC or AVR projects?
"I'd buy that for a Dollar!".

 

[kreed]

On Feb 14, 5:23 am, Don McKenzie <5...@2.5A> wrote:

Computer virus shuts down Ambulance dispatch service

The Ambulance Service of NSW computer dispatch system became infected by a virus at about 1pm (AEDT) on Saturday,
forcing staff to shut it down and revert to co-ordinating the state's paramedics and ambulances via a manual paper-based
system.

The cause and source of the virus were unknown and the system was still offline at 1pm (AEDT) on Sunday and it was not
known when it would be back up and running, Willis said.

http://www.arnnet.com.au/article/376471/computer_virus_shuts_down_amb...

HUH?
Could they possibly be running a windows Operating System, without full back up and recovery, for an ambulance dispatch
system?

Cheers Don...

====================
--
Don McKenzie

Site Map:            http://www.dontronics.com/sitemap
E-Mail Contact Page:http://www.dontronics.com/email
Web Camera Page:    http://www.dontronics.com/webcam
No More Damn Spam:  http://www.dontronics.com/spam

These products will reduce in price by 5% every month:http://www.dontronics-shop.com/minus-5-every-month.htmlhttp://www.dontronics-shop.com/ics.html

Bare Proto PCB for PIC or AVR projects?
"I'd buy that for a Dollar!".

Which will be another reason to push for internet censorship. To
"protect" vital infrastructure.