14 DAY TRIAL // The British media reports that the UK Ministry of Defense has been battling a computer worm that spread on the NavyStar networks of numerous ships in the Royal Navy Fleet. The worm crashes computers used for record keeping, e-mail communication, and Internet access.
The NavyStar networks installed on certain ships are composed of regular PCs, equipped with better casing, shock protection, and other improvements. The expensive, but non-critical system was designed by Fujitsu, and is used for support activities. While at sea, the systems communicate with other networks via satellite.
According to Portsmouth Today, systems on board the HMS Ark Royal, the navy's flagship, have been affected throughout the past week. The ship set sail from Portsmouth with Liverpool as destination five days ago, and the crew had to rely on their mobile phones in order to communicate with their families. “It has been utter chaos,” a sailor aboard the carrier described the situation under the protection of anonymity.
A spokesman for the Ministry of Defense noted that critical systems, like weapons and navigation, had not been affected, because they benefited from stronger protection. He also explained that HMS Ark Royal had not been completely resolved, because deployed ships received a higher priority.
“A solution to prevent re-infection has been tested and implemented. The majority of systems are working normally. This is an ongoing process which we are working urgently on, so for those people who are still off line normal business will resume as quickly as possible,” a MoD spokesman told The Register.
Officials also stressed that no sensitive information had been compromised, but even so, “It is truly frightening to think that a virus can spread this far and this fast through the network. It was an expensive system to build for what is supposed to be one of the most secure sectors,” Mike Hancock, Portsmouth South MP, thought.
Details about how the worm infected the network are scarce, but Graham Cluley, senior technology consultant for Sophos, does not think that hackers targeted the Royal Navy. “My hunch is that it’s more likely that a human error or lapse in security,” the security researcher said, adding that “We would expect those bodies responsible for the security of the country to have proper defences in place.”
The UK Ministry of Defense does not have a favorable record when it comes to IT security breaches, but this are not the only government institution confronting with such problems. The U.S. Army banned the use of portable storage devices on its networks a few months ago, while trying to contain a similar worm from spreading. More recently, the Bulgarian Ministry of Interior and and the Ministry of Health in New Zealand were affected by similar attacks that crashed important systems on their respective networks.