14 DAY TRIAL // One year after it took the world by storm, the infamous Conficker computer worm still manages to make high-profile victims. Computers belonging to Greater Manchester Police (GMP) got infected with the malware last week forcing the entire network to be cut off from the Police National Computer (PNC) system.
Conficker, also known as Downadup or Kiddo, is a computer worm primarily exploiting a Windows security vulnerability identified as MS08-067. Launched in November 2008, it's estimated that at its peak, the worm infected from 9 to 15 million computers worldwide. Companies and organization have been particularly affected, because the worm excels at spreading inside local area networks by infecting unpatched systems.
The worm was discovered on the GMP computer network last Friday and quickly spread to a large number of computers. This prompted the decision to disconnect from the Police National Computer (PNC), the computer system hosting several national databases used by law enforcement to check criminal records and suspect vehicles.
"A team of experts is now working on removing the virus, and will not reconnect until we are sure there is no further threat," Assistant Chief Constable Dave Thompson commented for the BBC. "We have systems in place to ensure this does not affect our service to the communities of Greater Manchester,” he stressed.
Mr. Thompson also mentioned that once the investigation was complete, steps would be taken to prevent this attack from happening again. But the real question is how it happened in the first place. “My guess is that it's most likely that it infected the police systems via an infected USB stick. After all, they've had well over a year to put the Microsoft patch in place,” Graham Cluley, senior technology consultant at antivirus vendor Sophos, noted.
Last year we reported that Conficker infected the Manchester City Council computer network costing the municipality £1.5 million ($2.45 million). Other British institutions affected by the worm were the Parliament and the Ministry of Defence.