NHS computers hit by data-stealing worm

INSECURITY FIRM Symantec has warned that that NHS computers have been infected by a data stealing worm called Qakbot.

It apparently has infected 1,100 separate computers, although Qakbot is really only intended to infect home PCs. Symantec and you would guess other reputable computer insecurity companies offer protection from the threat, so obviously the defences of these and other NHS computers must be lax, or at least not kept up to date.

This also must be true for other corporate and government computers that have also been affected.

There could be more than 1,100 NHS computers that are infected, as this figure was taken from only two servers over two weeks. Symantec said that it has attempted to contact the affected parties and found no evidence that patient data was stolen.

But if Qakbot does what it is built to do, it is capable of monitoring compromised computers for sensitive information. It is capable of taking data such as online banking information, credit card information, social network credentials and email account information as well as Internet search histories.

Symantec security expert Patrick Fitzgerald said in a blog post, "Qakbot records the contents of information that is stored and used by the AutoComplete feature."

"In a nutshell, if your computer is compromised, every bit of information you type into your browser will be stolen."

He added that the creator of Qakbot put little effort into trying to secure the information. Although so far it is only looking for consumer-based information, since it is a data downloader affected businesses could come under more serious attack in the future. µ