NHS Computers Hit By Qakbot Infection

More than 1000 desktop computer systems owned by the National Health Service (NHS) have been infected with Qakbot, a botnet that steals data, but which appears not to have harvested any patient information.

Data-stealing Qakbot loose in hospitals

The data stealing worm Qakbot has infected over 1,100 separate systems, according to security vendor Symantec. Essentially the botnet tries to steal login details for file transfer protocol (FTP) accounts, and email logins which use post office protocol (POP) 3.

“One unusual aspect of Qakbot is that even though its purpose is to steal information associated with home users, it has also been successful at compromising computers in corporate environments as well as government departments,” wrote Symantec’s Patrick Fitzgerald on the vendor’s security response blog.

“For instance, there are over 100 compromised computers on a Brazilian regional government network. More alarmingly, the logs show that there is a significant Qakbot infection on a major national health organisation network in the UK,” he wrote.

“This threat has managed to infect over 1,100 separate computers that are spread across multiple subnets within their network. We have attempted to contact the affected parties and have no evidence to show that any customer or patient data has been stolen. Given that these figures are based on the evidence from logs obtained from only two servers over two weeks, the actual numbers may be higher,” Fitzgerald warned.

Data Breaches

Qakbot is designed to monitor compromised computers for sensitive information and works by recording the suggestions brought up by the autocomplete features of browsers. It is also capable of stealing data (up to 2GB per week) such as online banking information, credit card information, social network credentials and email account information as well as Internet search histories.

Symantec warned earlier this week that the physical theft or loss of a device containing corporate information is the largest single reason for data breaches. The security vendor found in its latest Global Internet Security Report that corporate IT systems are facing increasingly targeted attacks.

Indeed, Symante has previously revealed the heavy price of cyber attacks and the corporate security measures to tackle them, after it conducted a study that found that cyber attacks are costing enterprises around $2 million (£1.3m) per year.

The headaches posed by data breaches are nothing new. Back in February for example, a critical server at the Valdosta State University in Georgia was hacked, an attack that compromised highly sensitive personal information of thousands of students and staff.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Is the Digital Transformation of Businesses Complete?

Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…

18 hours ago

Craig Wright Faces Contempt Claim Over Bitcoin Lawsuit

Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…

19 hours ago

OpenAI Adds ChatGPT Search Features

OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…

19 hours ago

Google Maps Steers Into Local Information With AI Chat

New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…

20 hours ago

Huawei Sees Sales Surge, But Profits Fall

US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity,…

20 hours ago

Apple Posts China Sales Decline, Ramping Pressure On AI Strategy

Apple posts slight decline in China sales for fourth quarter, as Tim Cook negotiates to…

21 hours ago