Tuesday, 2 February 2010

A Cyberwarfare Warning: Greater Manchester Police & Conficker

In the information age our Police forces increasingly rely on their IT systems to help them perform their duties, and these IT systems hold citizens’ most personal and sensitive information. Given the nature of “Police Business” you would think Her Majesty’s finest would be pretty good at IT Security, but apparently not. One of the largest Police forces in the UK, Greater Manchester Police (GMP), were forced to disconnect their IT systems from the national Police systems after those systems had been discovered to be riddled with the Conficker worm. This nasty piece of malware has been around since 2008; however, all the anti-virus systems I know of have been protecting IT systems against it since just after Conficker’s release.

From school children to silver surfers, most people realise and understand the importance of having Anti-Virus software installed on their PCs, and the importance of keeping their Anti-Virus up to date. Installing Anti-Virus protection on all Windows-based operating systems and keeping it up to date is a very basic best practice. Clearly this was not being achieved by the GMP: it was reported that many of their IT systems were infected with Conficker on Friday 29 January 2010, to such an extent that they had to disconnect all their systems from the national police systems for several days, rendering GMP less effective. For instance, GMP officers had to request checks on names and vehicles from neighbouring police forces.

What I find particularly concerning about this successful attack, aside from the possible breach of highly sensitive information, which is a real risk of Conficker, is just how simple it is to take out key IT Systems, leading to a direct impact on a pillar of our society’s infrastructure.
Previously Conficker also hit IT Systems at the Houses of Parliament and hospitals in Sheffield, and cost Manchester City Council £1.5 Million, although some might say that Conficker knocking out the council's IT systems, and so preventing it from issuing hundreds of motoring penalty notices in time, was a bit of a blessing.

In this day and age we tend to take for granted our increasing reliance on IT systems. Cyber attacks against our national infrastructure are a very real and increasing risk, and there have already been several examples of international cyber attacks. This latest Conficker outbreak at the GMP should serve as a real warning to the UK Government. Whether it’s our national power grid, banking infrastructure, telecoms, air traffic control, or even key online servers and websites, cyber attacks can really hurt us and our economy.

It is more than feasible that cyber terrorists could make the next "Conficker" type worm to specifically target key infrastructure IT systems. The damage could be done before Anti-Virus and OS vendors can respond with a solution. At the end of the day Anti-Virus is reactionary and a "stick on a plaster" approach to security; meanwhile tens of thousands of new vulnerabilities are found in Operating Systems and Applications on a yearly basis. This increasing vulnerability trend will continue to rise despite the usual vendor hype of "this is our most secure platform ever". We saw this just two weeks ago with the actively exploited vulnerability in the latest version of Internet Explorer; indeed this took several days to be patched, or is that plastered?
The UK Government is responsible for protecting the country's key infrastructure; however, I’m afraid to say the UK Government is doing very little to address this threat at present, unlike across the pond, where Barack Obama recently appointed Howard Schmidt as their Cyber Tsar to help tackle these types of risks. Just a few months ago I was speaking with Howard about this very subject; he didn’t disagree with me when I stated that I believe it’s just a matter of time before we see a Cyber 911.

1 comment:

  1. It is pretty shocking that such a large organisation as the GMP doesn't properly practise good web security. A simple piece of software could quite easily detect this virus, and for a fraction of the £1.5 million it cost having to shut down the network. Can't believe I didn't see this in the news earlier in the year.
