Feeds

Conficker left Manchester unable to issue traffic tickets

Infection cost £1.5m in total

SANS - Survey on application security programs

Manchester City Council was prevented from issuing hundreds of motoring penalty notices in time after the infamous Conficker worm knocked out parts of its IT systems.

Drivers caught on camera driving in bus lanes escaped punishment after the town hall fine processing system was taken offline in February, following infection by the infamous worm. Failure to issue 1,609 tickets within the statutory limit of 28 days left the city £43,000 out of pocket.

Clean up costs and consultancy fees were a far more significant cost, resulting in costs estimated at £600k. In additional, council IT chiefs spent a further £600k on Wyse thin client terminals as part of an enhanced backup strategy.

Town hall chiefs also spent a further £169,000 on extra staff needed to handle a backlog of benefits claims. Compensation payments to benefit claimants piled on the financial pain.

In total the incident cost the council an estimated £1.5m, the Manchester Evening News reports. Infection by the worm left council workers unable to send emails or print documents, and struggling with extra red tape after they were obliged to keep additional back-up paper records in case data was lost.

Council chiefs have banned the use of memory sticks, which were blamed (extracts from memos here) for causing the infection, as well as disabling all USB ports in response to the incident. Albert Square IT chiefs have also promised to revamp the council's disaster recovery strategy, which the incident exposed as hopelessly inadequate.

Steve Park, Head of ICT at Manchester city council, told the MEN: "I’d like to reassure the public that we’ve built on and improved our disaster recovery strategy, which covers all our main networks."

"This means that in the event of an emergency those key systems can be recovered with minimal disruption to the services involved."

The fallout from the Conficker worm infection represents the second time in a week that Manchester City Council has made headlines following IT cock-ups. Data Watchdogs at the ICO put the council on notice over breaches of the Data Protection Act last week following the earlier loss of two unencrypted laptops from council premises. One of the stolen machines contained personal details on hundreds of teachers and support workers at local schools.

Previous victims of the Conficker worm have included the UK's Houses of Parliament and hospitals in Sheffield, as well as many other organisations outside the UK. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.