Met Police confirms ICT outage but plays down attack fears
Two weeks of IT woe for cop staff
The Metropolitan Police Service is investigating the cause of a "major network issue" that has prevented staff using some IT services for almost two weeks.
A Met spokesman confirmed the problem was first identified on 9 June, but insisted no critical systems had been downed by the incident.
"As a result of a major network issue, the MPS is currently experiencing issues with a small number of ICT services, including printing services and system access for some MPS staff and officers," he told the Reg.
"MPS has taken significant steps to investigate this as a matter of priority. Progress has been made to restore a number of services and urgent work continues to resolve the issues and restore the remaining services to all staff and officers as quickly as possible.
"Where operationally required, staff and officers have been advised of workarounds and reverted to fallback procedures in the absence of certain applications to ensure this does not impact on the service to the public."
The Met said it has no reason to suspect the the network issues were caused by a deliberate cyber attack. "Investigations are still ongoing to identify the root cause and at this stage we are not ruling anything out. However, our anti-virus software continues to work effectively."
According to sources, a portion of the Met's computer system is offline, hindering some Police National Computer checks. It's possible "information leakage" by certain print servers could be blamed for the issue.
At the time of writing, the Met spokesman was unable to shed any light on this point or detail when the network woes would be resolved.
Previous research by the European Network and Information Security Agency highlighted the risks of printing and carelessly discarding sensitive biz documents. But Graham Cluley, senior tech consultant at Sophos, was unaware of any previous security attacks infecting actual printer hardware.
"Printers don't normally have a programming interface to run its own code, there could be data storage or management software but I haven't heard of malware [attacks] and if there were it would be hardware specific," he said.
"It would, however, be an interesting proof of concept." ®
Sponsored: Protecting mobile certificates