NHS Computers Hit By Qakbot Infection

More than 1000 desktop computer systems owned by the National Health Service (NHS) have been infected with Qakbot, a botnet that steals data, but which appears not to have harvested any patient information.

Data-stealing Qakbot loose in hospitals

The data stealing worm Qakbot has infected over 1,100 separate systems, according to security vendor Symantec. Essentially the botnet tries to steal login details for file transfer protocol (FTP) accounts, and email logins which use post office protocol (POP) 3.

“One unusual aspect of Qakbot is that even though its purpose is to steal information associated with home users, it has also been successful at compromising computers in corporate environments as well as government departments,” wrote Symantec’s Patrick Fitzgerald on the vendor’s security response blog.

“For instance, there are over 100 compromised computers on a Brazilian regional government network. More alarmingly, the logs show that there is a significant Qakbot infection on a major national health organisation network in the UK,” he wrote.

“This threat has managed to infect over 1,100 separate computers that are spread across multiple subnets within their network. We have attempted to contact the affected parties and have no evidence to show that any customer or patient data has been stolen. Given that these figures are based on the evidence from logs obtained from only two servers over two weeks, the actual numbers may be higher,” Fitzgerald warned.

Data Breaches

Qakbot is designed to monitor compromised computers for sensitive information and works by recording the suggestions brought up by the autocomplete features of browsers. It is also capable of stealing data (up to 2GB per week) such as online banking information, credit card information, social network credentials and email account information as well as Internet search histories.

Symantec warned earlier this week that the physical theft or loss of a device containing corporate information is the largest single reason for data breaches. The security vendor found in its latest Global Internet Security Report that corporate IT systems are facing increasingly targeted attacks.

Indeed, Symante has previously revealed the heavy price of cyber attacks and the corporate security measures to tackle them, after it conducted a study that found that cyber attacks are costing enterprises around $2 million (£1.3m) per year.

The headaches posed by data breaches are nothing new. Back in February for example, a critical server at the Valdosta State University in Georgia was hacked, an attack that compromised highly sensitive personal information of thousands of students and staff.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

8 hours ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

11 hours ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

13 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

1 day ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

1 day ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

1 day ago