London Hospitals Hit by a Virus. (No, the Other Virus.)

PCWorld brings news today of a worm that hit three London hospitals in early 2005. Looks like almost three years on, the systems are nearly free of the Mytob worm that forced hospital administrators to shut down all PCs as a precaution.

The virus update said of the three hospitals infected, St Bartholomew's, the Royal London Hospital, and The London Chest Hospital, 97% of their PCs are worm-free now.

What's interesting in this story, and a fact often forgotten, is that the PCs (supposedly) had McAfee antivirus software installed. McAfee claims the software installed had signatures to catch this worm, which begs the following questions then:

Was it really installed?

Was it installed before or (as often happens) after the outbreak by someone attempting a CYA?

Was the antivirus software disabled by users frustrated by it?
...or

Did it just fail?

It's easy to smell a rat in here somewhere, especially when the best quote from a "hospital spokesman" was that "an investigation is ongoing." Uh huh. Sure thing. Riiiiight.

We call BS: if you're still looking three years later, you're not looking.

Regardless of this though, it seems unlikely to us that McAfee's software is to blame. It seems more likely than not that this is a case of human error that resulted in a tragic system meltdown.

The lesson here as far as we're concerned is one we feel can't be repeated too often or too much:

1.) install antivirus software
2.) listen to its warnings

If it doth protest too much, learn what it's complaining about: it might just be a real warning.