Three London hospitals; Barts Hospital in the City of London, Royal London Hospital in Whitechapel, and the East-End London Chest Hospital in Bethnal Green, have been forced to shut down all their computer systems since lunchtime on Monday 17th November after being infected by a computer virus.

No information has been released regarding the nature of the virus attack. Official press releases stress that everything is under control and that the institutions are handling the matter competently and effectively: "The Trust’s well rehearsed emergency procedures have been activated to ensure that key clinical systems continue safely while the system is being stabilised and a solution is being found." This is the official British way of saying "We’re hoping that we can handle it and that the resultant losses aren’t that bad." Stiff upper lip included. The spokesman said the virus was "not malicious", and the infection was "self-contained".

From the above it appears that it probably wouldn’t be all that difficult to get a rootkit into the NHS computer system and steal confidential information by having it downloaded to a remote server. Maybe that’s what they discovered was happening and covered it up?

Aside from Government incompetence in leaving sensitive personal information on a train in a laptop, the Government losing unencrypted disks full of confidential records; or the banks dumping sensitive customer information including account numbers, PIN numbers, and the like, into open skips outside their premises in paper format, it makes you wonder just how secure the UK actually is.

All it would theoretically take is for one employee to open one attachment and every piece of personal confidential and private data stored by all government departments gets into the public domain. Maybe that’s already happened; but the standard cover-up operation has been executed?

Privacy is maybe becoming a thing of the past? What do you think? What security threats would this pose if it were true?

As expected, malware dealers are attempting to capitalise on the results of the US Presidential Election: A spammed news message arrives in email with a link to a web-page that supposedly has a video of the event. Of course it claims to require a special viewer, said to be adobe_flash9.exe (MD5 47c86509a78dc1edb42f2964bea86306) and nags you to download it.

The viewer is not a viewer: It is rather Trojan-PSW:W32/Papras.CL, that hides itself by using a rootkit, steals all your personal details, and uploads them all to a server in Ukraine.

The link in the email takes you to this page: Note the download link for the "viewer".

• Some of the subject lines of the email include:

• USA Election 2008 Results

• Election Center 2008 – Election Results

• Obama’s Win Reshapes the Race

• Election 2008: Time lapse of U.S. counties

• The new President’s cabinet?

• Obama win preferred in world poll

• Can Obama win popular vote but lose election?

———————————————

While on the subject of Flash Player, there is a new version of Adobe Flash, version 10.0.12.36 which fixes a bug in previous versions.You should, of course, download it directly from http://get.adobe.com/flashplayer/ rather than from any malware-dealer’s email.