Conficker virus outbreak at Greater Manchester Police

Image (1) greater-manchester-police.jpg for post 15804

Greater Manchester Police
Greater Manchester Police has been reportedly cut-off from the UK’s Police National Computer system, after an outbreak of the notorious Conficker worm.

As a result, the police force has been unable to carry out checks on criminals and suspect vehicles since the virus entered its computer network on Friday.

Officers have been warned against using unauthorised USB flash drives – a common method for the Conficker worm to enter an organisation.

According to Dave Thompson, Assistant Chief Constable of Greater Manchester Police, the public has not received any difference in the level of service they have received as a result of the virus infection.

“The virus is not destructive and no data has been lost but due to the speed it has spread we have temporarily cut off our access to the Police National Computer and other Criminal Justice systems to prevent further infection,” Thompson is reported as saying. “A team of experts is now working on removing the virus, and will not reconnect until we are sure there is no further threat.”

Conficker, which was first encountered in late 2008 and created a hystericane of media interest in March last year, spreads via a variety of methods – but my guess is that it’s most likely that it infected the police systems via an infected USB stick. After all, they’ve had well over a year to put the Microsoft patch in place.

Malware like the Conficker worm can spread via infected memory sticks, taking advantage of the AutoRun facility to execute on computers, and has been a common route for virus distribution in recent years. The problem was such that it encouraged Microsoft to improve the way AutoPlay worked in Windows 7.

Although companies can’t strip search employees in order to prevent USB memory sticks being brought into their organisations, they can take steps to help fight the problem of unauthorised devices being attached to their network. More and more organizations are looking to control access to USB ports – it doesn’t just help stop malware, it can stop sensitive data from leaking out too.