Feeds

back to article Conficker left Manchester unable to issue traffic tickets

Manchester City Council was prevented from issuing hundreds of motoring penalty notices in time after the infamous Conficker worm knocked out parts of its IT systems. Drivers caught on camera driving in bus lanes escaped punishment after the town hall fine processing system was taken offline in February, following infection by …

COMMENTS

This topic is closed for new posts.
Go

Oh no!

The council was unable to illegally issue parking fines? Oh no!

They won't make a profit out of breaking the law!

(Bill of Rights Act 1689, section 6: No man may be penalised, have property seized or be subject to punishment until deemed guilty of a crime in a court of law by a jury of their peers).

-- Richard

0
0
Happy

King

Hey Mr Park is that your horse bolting down Manchester high street? I think it was using a bus lane but no worries there.

0
0

Hmmm...

"...in the event of an emergency those key systems..."

I bet they're only really worried about the ones that generate revenue for them. What's the betting that the bus-lane cameras will be fixed first next time there is an outage?

0
0
WTF?

Let's add £1½M to the TCO of Windows

There's a post over at /. that talks about how these clean up costs should be factored into the TCO of using Windows but never are.

It's definitely something that Microsoft don't include in their figures when they spout their bullshit about Windows-based environments being cheaper to build, run and support than an equivalent *nix environment.

Whilst some of the Mancs' costs aren't directly attributed to IT, e.g. compensation for late payments, they simply wouldn't have been necessary at all if they didn't use Microsoft's OS.

Sure, you can say that the costs would have been avoided if the Windows administrators had done their job properly and had secured their network, but that's the trouble with Windows sysadmins... they're two-a-penny, and you get what you pay for. People whose only experience of computing is to run a Windows PC at home consider themselves to be Windows sysadmins. There's a reason why these people are comparatively cheaper than their *nix counterparts - because *nix guys tend to know what they're doing, and have the required skills and experience to do the job properly.

0
0

As bloody usual...

...conficker can only infect via USB if the user has admin privs. The message is quite clear. Why the hell were users on a corporate network given admin access?

0
0
Silver badge

I'm not surprised

"...council's disaster recovery strategy, which the incident exposed as hopelessly inadequate."

Of course it was. They only wrote it because they had to. I also bet they never tested the recovery procedures because that would have been too 'disruptive' and senior people would have been without e-mail and internet access for a few hours. Bloody typical!

0
0
Pint

How sad...

Group hug, anyone?

0
0
FAIL

Security

"Clean up costs and consultancy fees were a far more significant cost, resulting in costs estimated at £600k. In additional, council IT chiefs spent a further £600k on Wyse thin client terminals as part of an enhanced backup strategy.

Town hall chiefs also spent a further £169,000 on extra staff needed to handle a backlog of benefits claims. Compensation payments to benefit claimants piled on the financial pain.

"

Where securing the systems to not let this in. Would have cost no where near that.

Nice to know my tax is being spent well :D

0
0
FAIL

Surely.that should read -

Steve Park, Ex Head of ICT at Manchester city council.

0
0
Welcome

Could it be...

..that conficker is a worm designed to fight evil? Houses of parliament (boo), traffic wardens (hiss) and an accidental strike on a hospital (perhaps it had something against the surgeon?)

I, for one, welcome our new (ok, old) evil-fighting worm. I wish I had windows so I too could become a zombie to fight evil.

0
0

Well done, Conficker

For the first time I find myself congratulating the black hats.

During previous "outbreaks" I watched with mild amusement as the Windows people scrambled to clean up a new problem, but I never condoned it. In this case, with some motoring "offences" to the mix, it's a different matter. The council has a very nasty money-grabbing scheme by shafting motorists. It's hard to not feel a sense of "serves you flipping well right" towards the council. Alas, it's not the council who foot the clean up bill, it's the tax payers.

The council had to hire a load of cake-eating consultants, presumably because their own staff are not up to the job. Even though Windows is supposed to be easy (though in practice it is horrible). Was anybody disciplined in any way for allowing this outbreak to happen? In between eating cornish pasties, what was the IT department doing?

0
0
Pint

@ Sabine Miehlbradt

Ill drink to that whoop

0
0
Thumb Up

Good

serves them right for being cnuts in the first place.

0
0
Anonymous Coward

bunch of inadequate cnuts

Manchester Council seem to conveniently forget that they turned off automatic updates and let their virus protection slip out of date (Due to a firewall issue preventing downloading of virus databases if I remember correctly).

Yes, infected USB sticks certainly helped conficker to propagate, but if they had done their job properly in the first instance then no damage would have been done. So blame the users because that's what they want to hear at the top and it deflects from your own shortcomings.

anonymous because I was there

0
0
FAIL

What a suprise

Having experienced the pain of dealing with MCC & their IT system, I'm not suprised.

The over all impression is that the entire operation runs on luck and the occasional defrag

0
0

@Richard 75

I think you'll find that a fine, issued by the police, is not a court punishment. The fines issued by the police are in fact settlements. You pay the fine, they don't drag you over to the courts. If you don't want to pay, you can always request a court hearing (At which point the courts will probably issue a bigger fine, unless you've got a valid point ofcourse)

0
0
Happy

@ By Richard 75

"(Bill of Rights Act 1689, section 6: No man may be penalised, have property seized or be subject to punishment until deemed guilty of a crime in a court of law by a jury of their peers)."

Good luck with that next time you get a parking fine!

http://www.parking-appeals.gov.uk/about/circulars/Bill%20of%20Rights%20Act%201689.pdf

The 1689 Act is relevant, but there is no conflict between it and the

decriminalised parking scheme brought in by the Road Traffic Act 1991.

0
0
Paris Hilton

Manchester City Council

"Council chiefs have banned the use of memory sticks, which were blamed (extracts from memos here) for causing the infection, as well as disabling all USB ports in response to the incident."

Manchester City Council have not blocked s**t. I do IT for a company that works closely with them, and we are still blocking the mighty confiker one a thrice weekly basis, and do you know how we are getting it? Through a USB memory stick.

Its not hte end of the world, we quarantine and clean the stick automatically, but its only coming from MCC.

And do they take responsibility, or even care to have a look?

Paris as its nicer than Manchester.

0
0

@Gareth

The problem you are talking abuot is paying peanuts, getting monkeys. It's not just limited to underpaid Windows engineers being underskilled, I've come across many a wannabe sysadmin who thinks that becuase they use Linux in their bedroom, they somehow know all of UNIX. They are just a cheap and just as dangerous, sure the problems don't manifest in terms of virus infestations, but poor security, system instbillity, inabillity to carry out simple tasks in a sensible timeframe etc, are just as important.

0
0
Anonymous Coward

Tsk ...

How predictably dumb. Hell mend them.

0
0
Silver badge

@KarlTh

Because despite their claims to the contrary, much of the software that runs under Windows still requires local admin privileges to run properly. All of our web developers, programmers, and accountants need those privileges to use the software they use for their jobs. And yes, when we rolled out XP so many years ago, we initially tried to follow recommended "best security practices" but it was simply impossible. And yes you read that correctly: the fricking ACCOUNTING system requires local admin privileges.

0
0
Flame

Benign Worm

"Manchester City Council was prevented from issuing hundreds of motoring penalty notices in time after the infamous Conficker worm knocked out parts of its IT systems."

Makes a nice change for a worm to have good effects. MCC can **** off with it's ridiculous parking rip offs and obvious underhanded corroboration with NCP. First all the places to park for free at night were made into Pay and Display if they weren't already, then the ones where it was free after 6 turned into free after 8, then not free at any time. Once that was done the NCP prices mysteriously started going up. Seriously - you are looking at around £7-£12 to park somewhere for 4 hours at 11pm at night in am empty car park? They can **** off. May they get repeatedly infected by worms.

0
0
FAIL

But now they're safe...

"Council chiefs have banned the use of memory sticks, which were blamed (extracts from memos here) for causing the infection, as well as disabling all USB ports in response to the incident."

So, the USB sticks are to blame, not the hopelessly inadequate IT management?

Good to hear that they are safe now from any further malware incidents - after all they have banned USB sticks.

0
0
FAIL

As the horses arse drops out of sight over the horizon...

"council IT chiefs spent a further £600k on Wyse thin client terminals as part of an enhanced backup strategy"

I just love the way the cost of bolting the stable door is counted as part of the cost of the incident.

Beancounters - can't live with 'em, can't shoot 'em damnit.

0
0
Bronze badge

woot

but how the hell did confiker actually take down the system ???

it just sat there doing bugger all !!!

0
0
Anonymous Coward

Shame

it didn't take out Sefton last week. The parking wombles are keen there.

0
0

That's a lot of wyse terminals.

They normally retail at about £200-£300.. that's a LOT of thin client terminals.. I guess that figure includes some sort of infrastructure cost too.

0
0
Thumb Down

£600K

Buys a lot of thin clients, probably in the region of 1800 units!

0
0

Any chance

this could be rolled out to all councils?

0
0

Disabling USB ports?

I'm sure disabling the USB ports of any semi-recent computer will not go down well. USB keyboards and mice, y'see...

0
0
Anonymous Coward

Lotus Notes

Is MCC still using Lotus Notes? LOL

0
0
Coat

@northern monkey

Conficker did not go the surgeons. It mistook paediatrician for pederast again.

0
0
FAIL

What's new?

Age old problem, management not knowing arse from elbow and not taking heed of good practice/advice. Plus not wanting to upset users that want to browse the 'net, show off their photos to colleagues and/or to listen music. Oh yes and everyone's an expert with IT because they have a computer at home.

FAIL because they did.

0
0
Anonymous Coward

still got a job?

So Park's policies, or inadequate information security policies lead to a disaster costing £1.5m

Does he still have a job? Bet he's learnt his lesson now.

I'm not surprised, government organisations always are slow to put in put place suitable procedures, policies. Having said that, I worked on one project where security was paramount and the USB ports were locked down. In fact, later they made it a crime to even be seen with a USB stick on site. But that's not your average branch of government I hasten to add.

I remember working for one very well know and very important part of government, back in the end of the 1990's, if they wanted to order electronic components for a major development project taking place, we couldn't just ring up the supplier and place an order, heck, we couldn't even fax the order...how was the order placed? Write up the order on a form, send it to the typing pool at another location, have them type up the order onto more paper and then send it through snail mail to the supplier!

So a week's wait just to place an order! Heaven forbid trying to place the order through a web site!

0
0
Grenade

Dorks

Absolutely lovin dorks.

The ICT team was probably earmarked for handling UK ID cards too?

BTW: this brings up another favourite of mine...

UK local authorities should as part of their annual statements to the public declare additional unexpected costs or losses.

For example:

£9 million lost in credit crunch (something about only investing what one is prepared to lose? Iceland? Public muni?)

£1 million lost in breaches of employment law

£1.x million lost by one (note the ONE) computer virus infection

and so forth...

Now daft as it may seem to you or I, UK local authorities don't seem to realise losses from budget mean that public is not best served. Nor do they seem to realise that as recipients of public muni they should also be fully accountable even if it highlights employee incompetences.

Interim conclusion: MCC should be congratulated for its open accountancy and respect of the public and public muni (okay - that went to far but at least there appears to be one instance of accountability yes?)

0
0
N2
Bronze badge

@ a lot of Wyse terminals

Theyve probably stuck them in a (large) cupboard somewhere!

Agreed, these costs should all be added to the TCO of windows

0
0
Go

@Tom 13

I've worked with quite a few customer with various legacy NT apps etc that needed to run as administrator and often you find that actually they don't need to run as the actual administrator, they just need increased access to one or more areas of the hard disk; manually increasing the users access to these areas or files often resolves the problem without needing to go for a full blown admin account

If this doesn't work the easiest way to get around software which really needs to run as the administrator is to create shortcuts to it using the runas command http://technet.microsoft.com/en-us/library/bb490813.aspx

Neither solution is perfect but one usually does the job - hope they help if you're having this problem

Either way, having some pieces of software which need admins access so giving ALL users admin access and not locking down autorun on USB sticks is pretty poor (No Iain Thomas you don't need to fully disable the USB ports, you could even fully disable USB Thumb drives and still allow mice and keyboards to work)

I wonder if this level of council IT fail is why Manchester was selected for the ID card treatment? Presumably Jacqui waved the magic piece of plastic in front of the council chiefs' faces and was satisfied by the general response "ooh... shiny"

0
0

@ Iain Thomas

'S Not really an issue. You can specify the device type to block, or at least we do.

0
0
Bronze badge
Thumb Up

@ Ian Thomas

Nah its easy mate just edit the reg entry usbstor to 4 and that will disable all usb storage devices

Very usefull ....

but do remeber this will also disable usb cd drives (which new dells have for example)

but then again if your disabling thumb drives burnable cds prove just a big a issue tbh

0
0
FAIL

Hahahaha

Because they did not use combofix and they let their employee use their flash drives form home on their work computers.

PURE FAIL

0
0

@Tom 13

Blame the cretin who agreed to buy shite software that requires Admin privs to run. Hammer the provider until the provide a fix. That's what I do. Final sanction is "tough. Our policy says you can't run as admin. End of."

Having said that, it's usually a case of sorting out the permissions on a few registry keys and system files.

0
0

@Tom 13 again

If all else fails, give 'em a second account which has administrator rights but does not have the right to log on interactively. Give 'em a shortcut to "runas /user:domain\adminac ShitSofware.exe" and you're good to go.

Never ANY excuse for people to log in interactively as admin, any more than you'd log into a Linux box as root.

0
0
This topic is closed for new posts.