RSS Alerts

Related Links

Related Stories

  • Professor Ross Anderson calls for Pan-European cybercrime agency
    Veteran computer security expert Professor Ross Anderson of Cambridge University says that European police and allied security agencies need a centralised agency in order to better tackle the problem of cybercrime.
  • Durham Police website hacked by SQL injection
    An unknown hacker - apparently protesting about terror deaths in Pakistan - has attacked the Durham Police website, forcing it to temporarily close.
  • Infosecurity Europe: Police central e-crime unit can’t afford to tackle e-crime
    At the Infosecurity Europe show, London, on 30 April 2009, in a session titled ‘The dynamics of e-crime’, an audience member - an employee of the police central e-crime unit (PCeu) within the Metropolitan police service – interrupted the panel to declare that police are not ignoring the increasing problem of e-crime, but are under-funded and thus unable to tackle it effectively.
  • Information security threats in H1 2009: malware and rogue security software
    Microsoft has just released its Security Intelligence Report volume 7 (SIRv7) for the first half (H1) of 2009 exploring the most prevalent information security threats - malware and rogue security software.
  • Nine lives - when malware becomes self-modifying
    As the Conficker (aka Downadup and Kido) worm proved when it first appeared in October 2008, there's more to a piece of malware code than meets the eye, especially when it is self-updating. But can self-updating also mean self-modifying? Steve Gold investigates whether an IT security manager's nightmare has become programming reality...

News

Greater Manchester Police hit by Conficker

04 February 2010

The continuing problem of staff popping infected USB sticks `from home' into their office PCs has reportedly hit Greater Manchester Police with a full-blown Conficker worm infection.

Reports on Northwestern TV news and the local press in Manchester say that the computer systems of Greater Manchester Police were effectively cut off from most of the police national computer for around three days. It's unclear whether the cut-off was caused by the Conficker worm or the PNC operators shutting off access to protect their own resources, but the police say the infection was caused a member of staff plugging an infected USB drive into an office computer system.

The problems started on Friday evening and spread over the weekend, downing internet connections and email access, and causing officers to switch to contingency plans which involved their phoning colleagues in other forces for urgent PNC information.

According to the Manchester Evening News, the police's IT staff worked through the weekend and managed to eradicate the Conficker worm by Monday afternoon.

This isn't the first time that Mancunian computer systems have been hit by Conficker as almost a year ago, Manchester council's computer systems were downed by the worm, costing the local government agency an estimated £1.5m to fix the problem.

In that incident the council was forced to write off a number of parking tickets. It is not known whether police in Manchester will also have to write off similar penalty notices due to the outage.

According to Jason Holloway, Northern European sales manager with SanDisk, the reports that the infection was caused by a USB stick underlines the fact that conventional USB flash drives are a key method for spreading these infections stealthily.

The infections can, he said, occur without the USB stick owner being aware of the infection, as was the case with the Ealing and Manchester council worm problems of last year.

"Virus scanning has to extend beyond the PC to all types of removable storage", he said.

"Better still, employees should only be able to use authorised flash drives that include on-board antivirus scanning. This ensures that users cant turn off, disable or work around the protection, and would stop these infections from spreading", he added.

 

This article is featured in:
Malware and Hardware Security Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water