Feeds

MoD networks still malware-plagued after two weeks

Officials: But all our base email are belong to us

The essential guide to IT transformation

Ongoing malware problems at the Ministry of Defence have left some officials and service personnel still without desktop computing, a fortnight after infections began. However, the MoD insists that media reports of its email being sent to Russia are untrue.

MoD officials confirmed to the Register this morning that some ministry systems are still unavailable, though it was claimed that "most" of the infected machines have now been restored to use. Though spokesmen were unwilling to discuss specifics of the malware involved, they did say "the virus has not been targeted specifically at the MOD" and confirmed that others on the wider internet would have been affected by the same issue.

This would appear to lend credence to suggestions that the MoD is suffering from some version of the Conficker/Downadup worm also wreaking widespread damage elsewhere. MoD officials have insisted throughout that their problems have been limited to administrative nets used mainly for email and other ordinary desktop services - including the NavyStar/N* desktops aboard Royal Navy warships. All such MoD systems are based on ordinary industry PCs running Windows, and as such could be vulnerable to Conficker/Downadup.

The Sunday Times, indeed, reported this weekend that RAF emails had been "sent to a Russian internet server". MoD spokesmen confirmed to the Reg today that the malware infecting their systems did "try to dial home to different domains", but insisted that the ministry's "pre-existing security measures" had prevented this - and so had "prevented any loss of classified or personal data".

The MoD also stated that no command or operational systems - for instance the new Windows-based combat command architecture now universal in Royal Navy submarines, and rolling out into the surface fleet - had fallen victim to the infection. Officials added that no system handling information graded higher than Restricted had been affected at all.

Reports and Reg reader emails have suggested that at the height of the infection as many as three-quarters of the Royal Navy's warships had their N* nets infected, and more than 20 RAF stations. Readers have also reported infections at other MoD facilities. Official spokesmen refused to confirm or deny the extent of the problems, and could offer no timeline by which the ministry's networks would be fully restored. However, they did issue a statement saying:

A solution to clean infected systems and prevent re-infection has been tested and is being implemented. The majority of systems are working normally, however remedial action is ongoing on some systems so for those people who are still off-line normal business will resume as quickly as possible.

It was confirmed that reinfection had been an issue in cleaning up the virus, with some systems having to be disconnected from networks or turned off in order to prevent recurring problems. ®

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?