Thursday, March 26, 2009

EXCLUSIVE: UK Parliamentary network joins virus bot-net

Oh dear, it appears that the Parliamentary IT network has joined the other millions of computers around the world infected by the Conficker worm. The latest variant of the worm will activate and download its payload on April 1st and no one is quite sure whether it will be merely an April Fools Day gag or something that will cause havoc.

The following email was sent out last night to all users of the PICT - that's the network that PGP is not compatible with apparently.
To: All users connecting directly to the Parliamentary Network

The Parliamentary Network has been affected by a virus known as conficker. This virus affects users by slowing down the Network and by locking out some accounts. We are continuining [sic] to work with our third party partners to manage its removal and we need to act swiftly to clean computers that are infected.

We are scanning the Network and if we identify any equipment which we believe is infected with the virus then we will contact you to ensure that the device is either removed from the Network or cleaned and loaded with the correct software to prevent this infection reoccurring.

You can help us to contain this problem and prevent new infection by adhering to the following advice:

  • We are unable to clean PCs and portable computers which are either not switched on or which are not authorised devices. We therefore ask that if you are running a PC or portable computer not authorised to be on the Network that you take it off immediately.
  • An additional characteristic of this virus is that for some types of files it can skip direct to the Network from a USB memory stick or other portable storage device (e.g. mp3 players) without hitting the virus checker software. We ask that for the time being you do not use memory sticks or any other portable storage devices on the Parliamentary Network.
  • If you do identify a problem with the equipment you are running, please contact the PICT Service Desk on 020 7219 2001 when it reopens on Wednesday 25 March from 8am.
  • If you are connecting using one of our remote access services, from a Constituency Office for example, a separate communication will be sent to you.
Director of Parliamentary ICT.
Another day, another IT security fail? More on the hype of whether this virus is damp squib or the beginning of Armageddon can be read here, here and here. Of course, even if it does nothing it remains worrying that Parliament can be so easily compromised in the first place. Go Windows!


Anonymous said...

Apparently it exploits a vulnerability in Windows that Microsoft patched in October.

So they clearly aren't regularly updating with Windows patches because...?

Anonymous said...

Since when has anything this government done with IT ever worked correctly? Or for that matter ever been finished on time or budget?

Letters From A Tory said...

If they can't even look after their own data without getting a computer virus, just imagine what would happen with an ID card database or a communication database.

The mind boggles.

Anonymous said...

a PC or portable computer not authorised to be on the Network


There's no access control? They deserve everything they get.

Anonymous said...

Other respondees: Please don't confuse Parliament and Government - it's bad enough that the Government forgets there's a difference, without the public becoming the same.

As for access control: it may well be that, as with so many things, the MPs have decided the normal rules shouldn't apply to them.

coffee maker said...

ironically, to help people from being affected by Conficker, the government could issue a public statement telling people to stay *outside* as much as possible...