CurzTech News Network
CurzTech News Network | CurzTech World News | CurzTech U.S. News | CurzTech Entertainment News | CurzTech Political News | CurzTech Conspiracy News | Yesterday's News | Offsite Archive
The day after the war with Iraq began, computers at a 40-bed hospital in Ely came under electronic attack from hackers who were initially traced to Al Jeezera, the Arab news network famous for broadcasting messages from terrorist chief Osama Bin Laden.
Rumors churned among the 4,000 or so residents of this desert town, known as the most remote city in the lower 48 states.
Some citizens heard al Qaida cyber-terrorists had crippled the hospital's computers. Two residents, via e-mail, asked the local newspaper if Iraqi hackers had erased patient records.
The rumors were false, but the truth is almost as strange.
FBI agents determined a computer hacker used the Arab news agency's Web site as a conduit to attack the Ely hospital. They traced the source to a cyber address in the former Soviet Union.
Although Ely's break-in wasn't attributed to Islamic extremists, the theory at first seemed credible. Researchers say al Qaida has hacked into other computers, and last week it hijacked an Alaska teenager's Web site for nearly two days to display messages calling for attacks against Americans.
But in Ely, patients' records were safe, hospital officials said. But they said the hacker may have scooped up payroll data, including Social Security and bank account numbers, for any of 290 employees on the system.
The incident has already resulted in improved computer security at Nevada's 12 other rural hospitals, officials said, and serves as an object lesson for all computer users.
"Here's tiny Ely, a place where people leave doors unlocked, and we get hacked by the Russian Mafia, who are pretending to be Arab terrorists, because they are the people to blame this week," said Jim Crosley, information technology manager for William Bee Ririe Hospital in Ely.
"We may be remote in geography, the most distant city from any metropolitan area, but with the Internet we might as well be in downtown New York or Los Angeles."
Crosley said the Ely hospital's security measures routinely fight off between 40 and 60 electronic attacks a day. Computer experts said all Internet connections are vulnerable to electronic vandals, whose motives range from bragging rights to identity theft.
The hackers' programs scan the portals of the Internet and attempt tens of thousands of cyber break-ins per hour, experts said, using compromised computers against other targets.
The Al Jeezera site was itself a victim last month when hackers shut it down at about the time the Ely computer was invaded. The English language version of the site came back on line Friday.
Last week, in the hamlet of Homer, Alaska, al Qaida propaganda calling for terrorist attacks suddenly appeared on a high school boy's Web site and vanished two days later.
Middle East cyber terrorists make the headlines, but the attacks may be coming from Europe, Asia, or the teenager down the street, said Marty Linder, team leader at the CERT Coordination Center, an Internet security center operated by Carnegie Mellon University.
"The perception is that we're more at risk because we're at war, but it's really a continuing problem and it's growing," he said. "The vast majority of computer intrusions take place because it can be done. There's a constant scanning, a search for vulnerabilities that can be exploited.
"Owners of the computers may not even be aware that a bad guy now controls their machines," Linder said.
On March 20, Crosley instantly detected the Ely break-in.
"It was serendipity," he said. "It was just after 6 a.m. and I saw an active connection from outside, on a path through the emergency room to the payroll computer, but I knew no one was in the payroll office."
Crosley said he ran to the affected computer.
"About 4 megabytes of information got out the door before I pulled the plug," he said. "They may have got employee records, or they may not, but to be safe we've notified those people and nearly all of them have changed bank account numbers and notified credit reporting agencies to protect against identity theft."
He said the patient records aren't accessible through Internet connections, and the other parts of the computer system are protected by a firewall, an electronic barrier to intruders. He said he also uses other devices, such as a "honey pot" computer. That machine is set up to attract hackers, who then can't get data but who open themselves to detection, he said.
Crosley said the system seemed to be protected from attacks. But the FBI lab's analysis of the hospital's hard drives showed a game program, "Blaster Ball," contained a Trojan horse, a hidden code that acted as a beacon and let hackers into the hospital's system.
"Two employees admitted downloading the game from the Internet and installing it at a work station," Crosley said. "The Trojan horse reported back to the hackers, and the system was compromised. It was an eye-opener that you can have the best firewall available, but someone on the inside can unintentionally blow it out."
Bob Morasco, hospital administrator, said the intrusion resulted in tighter policies and procedures, and more security measures.
"Payroll is off the network," he said. "We've told employees never to install software or sign on to streaming Internet services."
Crosley said all computer users connected to the Internet are at risk.
"Ely isn't remote any more," he said. "On the Internet, the world and all the bad guys in it are as close as your desktop PC." © Copyright Reno Gazette-Journal, a Gannett Co. Inc. Newspaper.
[an error occurred while processing this directive]