back to article Conficker left Manchester unable to issue traffic tickets

Manchester City Council was prevented from issuing hundreds of motoring penalty notices in time after the infamous Conficker worm knocked out parts of its IT systems. Drivers caught on camera driving in bus lanes escaped punishment after the town hall fine processing system was taken offline in February, following infection by …

COMMENTS

This topic is closed for new posts.
  1. Richard 75
    Go

    Oh no!

    The council was unable to illegally issue parking fines? Oh no!

    They won't make a profit out of breaking the law!

    (Bill of Rights Act 1689, section 6: No man may be penalised, have property seized or be subject to punishment until deemed guilty of a crime in a court of law by a jury of their peers).

    -- Richard

  2. Scott 19
    Happy

    King

    Hey Mr Park is that your horse bolting down Manchester high street? I think it was using a bus lane but no worries there.

  3. Matthew 3

    Hmmm...

    "...in the event of an emergency those key systems..."

    I bet they're only really worried about the ones that generate revenue for them. What's the betting that the bus-lane cameras will be fixed first next time there is an outage?

  4. Gareth.
    WTF?

    Let's add £1½M to the TCO of Windows

    There's a post over at /. that talks about how these clean up costs should be factored into the TCO of using Windows but never are.

    It's definitely something that Microsoft don't include in their figures when they spout their bullshit about Windows-based environments being cheaper to build, run and support than an equivalent *nix environment.

    Whilst some of the Mancs' costs aren't directly attributed to IT, e.g. compensation for late payments, they simply wouldn't have been necessary at all if they didn't use Microsoft's OS.

    Sure, you can say that the costs would have been avoided if the Windows administrators had done their job properly and had secured their network, but that's the trouble with Windows sysadmins... they're two-a-penny, and you get what you pay for. People whose only experience of computing is to run a Windows PC at home consider themselves to be Windows sysadmins. There's a reason why these people are comparatively cheaper than their *nix counterparts - because *nix guys tend to know what they're doing, and have the required skills and experience to do the job properly.

  5. KarlTh

    As bloody usual...

    ...conficker can only infect via USB if the user has admin privs. The message is quite clear. Why the hell were users on a corporate network given admin access?

  6. frank ly

    I'm not surprised

    "...council's disaster recovery strategy, which the incident exposed as hopelessly inadequate."

    Of course it was. They only wrote it because they had to. I also bet they never tested the recovery procedures because that would have been too 'disruptive' and senior people would have been without e-mail and internet access for a few hours. Bloody typical!

  7. Sabine Miehlbradt
    Pint

    How sad...

    Group hug, anyone?

  8. Anonymous Coward
    FAIL

    Security

    "Clean up costs and consultancy fees were a far more significant cost, resulting in costs estimated at £600k. In additional, council IT chiefs spent a further £600k on Wyse thin client terminals as part of an enhanced backup strategy.

    Town hall chiefs also spent a further £169,000 on extra staff needed to handle a backlog of benefits claims. Compensation payments to benefit claimants piled on the financial pain.

    "

    Where securing the systems to not let this in. Would have cost no where near that.

    Nice to know my tax is being spent well :D

  9. The Dorset Rambler
    FAIL

    Surely.that should read -

    Steve Park, Ex Head of ICT at Manchester city council.

  10. northern monkey
    Welcome

    Could it be...

    ..that conficker is a worm designed to fight evil? Houses of parliament (boo), traffic wardens (hiss) and an accidental strike on a hospital (perhaps it had something against the surgeon?)

    I, for one, welcome our new (ok, old) evil-fighting worm. I wish I had windows so I too could become a zombie to fight evil.

  11. Michael Fremlins

    Well done, Conficker

    For the first time I find myself congratulating the black hats.

    During previous "outbreaks" I watched with mild amusement as the Windows people scrambled to clean up a new problem, but I never condoned it. In this case, with some motoring "offences" to the mix, it's a different matter. The council has a very nasty money-grabbing scheme by shafting motorists. It's hard to not feel a sense of "serves you flipping well right" towards the council. Alas, it's not the council who foot the clean up bill, it's the tax payers.

    The council had to hire a load of cake-eating consultants, presumably because their own staff are not up to the job. Even though Windows is supposed to be easy (though in practice it is horrible). Was anybody disciplined in any way for allowing this outbreak to happen? In between eating cornish pasties, what was the IT department doing?

  12. Yorkshirepudding
    Pint

    @ Sabine Miehlbradt

    Ill drink to that whoop

  13. Mobius
    Thumb Up

    Good

    serves them right for being cnuts in the first place.

  14. Anonymous Coward
    Anonymous Coward

    bunch of inadequate cnuts

    Manchester Council seem to conveniently forget that they turned off automatic updates and let their virus protection slip out of date (Due to a firewall issue preventing downloading of virus databases if I remember correctly).

    Yes, infected USB sticks certainly helped conficker to propagate, but if they had done their job properly in the first instance then no damage would have been done. So blame the users because that's what they want to hear at the top and it deflects from your own shortcomings.

    anonymous because I was there

  15. Anonymous Coward
    FAIL

    What a suprise

    Having experienced the pain of dealing with MCC & their IT system, I'm not suprised.

    The over all impression is that the entire operation runs on luck and the occasional defrag

  16. Remy Redert

    @Richard 75

    I think you'll find that a fine, issued by the police, is not a court punishment. The fines issued by the police are in fact settlements. You pay the fine, they don't drag you over to the courts. If you don't want to pay, you can always request a court hearing (At which point the courts will probably issue a bigger fine, unless you've got a valid point ofcourse)

  17. Andy ORourke
    Happy

    @ By Richard 75

    "(Bill of Rights Act 1689, section 6: No man may be penalised, have property seized or be subject to punishment until deemed guilty of a crime in a court of law by a jury of their peers)."

    Good luck with that next time you get a parking fine!

    http://www.parking-appeals.gov.uk/about/circulars/Bill%20of%20Rights%20Act%201689.pdf

    The 1689 Act is relevant, but there is no conflict between it and the

    decriminalised parking scheme brought in by the Road Traffic Act 1991.

  18. MrPatrick
    Paris Hilton

    Manchester City Council

    "Council chiefs have banned the use of memory sticks, which were blamed (extracts from memos here) for causing the infection, as well as disabling all USB ports in response to the incident."

    Manchester City Council have not blocked s**t. I do IT for a company that works closely with them, and we are still blocking the mighty confiker one a thrice weekly basis, and do you know how we are getting it? Through a USB memory stick.

    Its not hte end of the world, we quarantine and clean the stick automatically, but its only coming from MCC.

    And do they take responsibility, or even care to have a look?

    Paris as its nicer than Manchester.

  19. Anonymous Coward
    Anonymous Coward

    @Gareth

    The problem you are talking abuot is paying peanuts, getting monkeys. It's not just limited to underpaid Windows engineers being underskilled, I've come across many a wannabe sysadmin who thinks that becuase they use Linux in their bedroom, they somehow know all of UNIX. They are just a cheap and just as dangerous, sure the problems don't manifest in terms of virus infestations, but poor security, system instbillity, inabillity to carry out simple tasks in a sensible timeframe etc, are just as important.

  20. Anonymous Coward
    Anonymous Coward

    Tsk ...

    How predictably dumb. Hell mend them.

  21. Tom 13

    @KarlTh

    Because despite their claims to the contrary, much of the software that runs under Windows still requires local admin privileges to run properly. All of our web developers, programmers, and accountants need those privileges to use the software they use for their jobs. And yes, when we rolled out XP so many years ago, we initially tried to follow recommended "best security practices" but it was simply impossible. And yes you read that correctly: the fricking ACCOUNTING system requires local admin privileges.

  22. Anonymous Coward
    Flame

    Benign Worm

    "Manchester City Council was prevented from issuing hundreds of motoring penalty notices in time after the infamous Conficker worm knocked out parts of its IT systems."

    Makes a nice change for a worm to have good effects. MCC can **** off with it's ridiculous parking rip offs and obvious underhanded corroboration with NCP. First all the places to park for free at night were made into Pay and Display if they weren't already, then the ones where it was free after 6 turned into free after 8, then not free at any time. Once that was done the NCP prices mysteriously started going up. Seriously - you are looking at around £7-£12 to park somewhere for 4 hours at 11pm at night in am empty car park? They can **** off. May they get repeatedly infected by worms.

  23. Frank Bitterlich
    FAIL

    But now they're safe...

    "Council chiefs have banned the use of memory sticks, which were blamed (extracts from memos here) for causing the infection, as well as disabling all USB ports in response to the incident."

    So, the USB sticks are to blame, not the hopelessly inadequate IT management?

    Good to hear that they are safe now from any further malware incidents - after all they have banned USB sticks.

  24. Gotno iShit Wantno iShit
    FAIL

    As the horses arse drops out of sight over the horizon...

    "council IT chiefs spent a further £600k on Wyse thin client terminals as part of an enhanced backup strategy"

    I just love the way the cost of bolting the stable door is counted as part of the cost of the incident.

    Beancounters - can't live with 'em, can't shoot 'em damnit.

  25. Lionel Baden

    woot

    but how the hell did confiker actually take down the system ???

    it just sat there doing bugger all !!!

  26. Anonymous Coward
    Anonymous Coward

    Shame

    it didn't take out Sefton last week. The parking wombles are keen there.

  27. Jeff 14

    That's a lot of wyse terminals.

    They normally retail at about £200-£300.. that's a LOT of thin client terminals.. I guess that figure includes some sort of infrastructure cost too.

  28. Anonymous Coward
    Thumb Down

    £600K

    Buys a lot of thin clients, probably in the region of 1800 units!

  29. b166er

    Any chance

    this could be rolled out to all councils?

  30. Iain Thomas

    Disabling USB ports?

    I'm sure disabling the USB ports of any semi-recent computer will not go down well. USB keyboards and mice, y'see...

  31. Anonymous Coward
    Anonymous Coward

    Lotus Notes

    Is MCC still using Lotus Notes? LOL

  32. Sabine Miehlbradt
    Coat

    @northern monkey

    Conficker did not go the surgeons. It mistook paediatrician for pederast again.

  33. Steve 149
    FAIL

    What's new?

    Age old problem, management not knowing arse from elbow and not taking heed of good practice/advice. Plus not wanting to upset users that want to browse the 'net, show off their photos to colleagues and/or to listen music. Oh yes and everyone's an expert with IT because they have a computer at home.

    FAIL because they did.

  34. Anonymous Coward
    Anonymous Coward

    still got a job?

    So Park's policies, or inadequate information security policies lead to a disaster costing £1.5m

    Does he still have a job? Bet he's learnt his lesson now.

    I'm not surprised, government organisations always are slow to put in put place suitable procedures, policies. Having said that, I worked on one project where security was paramount and the USB ports were locked down. In fact, later they made it a crime to even be seen with a USB stick on site. But that's not your average branch of government I hasten to add.

    I remember working for one very well know and very important part of government, back in the end of the 1990's, if they wanted to order electronic components for a major development project taking place, we couldn't just ring up the supplier and place an order, heck, we couldn't even fax the order...how was the order placed? Write up the order on a form, send it to the typing pool at another location, have them type up the order onto more paper and then send it through snail mail to the supplier!

    So a week's wait just to place an order! Heaven forbid trying to place the order through a web site!

  35. Anonymous Coward
    Grenade

    Dorks

    Absolutely lovin dorks.

    The ICT team was probably earmarked for handling UK ID cards too?

    BTW: this brings up another favourite of mine...

    UK local authorities should as part of their annual statements to the public declare additional unexpected costs or losses.

    For example:

    £9 million lost in credit crunch (something about only investing what one is prepared to lose? Iceland? Public muni?)

    £1 million lost in breaches of employment law

    £1.x million lost by one (note the ONE) computer virus infection

    and so forth...

    Now daft as it may seem to you or I, UK local authorities don't seem to realise losses from budget mean that public is not best served. Nor do they seem to realise that as recipients of public muni they should also be fully accountable even if it highlights employee incompetences.

    Interim conclusion: MCC should be congratulated for its open accountancy and respect of the public and public muni (okay - that went to far but at least there appears to be one instance of accountability yes?)

  36. N2

    @ a lot of Wyse terminals

    Theyve probably stuck them in a (large) cupboard somewhere!

    Agreed, these costs should all be added to the TCO of windows

  37. EnricoSuarve
    Go

    @Tom 13

    I've worked with quite a few customer with various legacy NT apps etc that needed to run as administrator and often you find that actually they don't need to run as the actual administrator, they just need increased access to one or more areas of the hard disk; manually increasing the users access to these areas or files often resolves the problem without needing to go for a full blown admin account

    If this doesn't work the easiest way to get around software which really needs to run as the administrator is to create shortcuts to it using the runas command http://technet.microsoft.com/en-us/library/bb490813.aspx

    Neither solution is perfect but one usually does the job - hope they help if you're having this problem

    Either way, having some pieces of software which need admins access so giving ALL users admin access and not locking down autorun on USB sticks is pretty poor (No Iain Thomas you don't need to fully disable the USB ports, you could even fully disable USB Thumb drives and still allow mice and keyboards to work)

    I wonder if this level of council IT fail is why Manchester was selected for the ID card treatment? Presumably Jacqui waved the magic piece of plastic in front of the council chiefs' faces and was satisfied by the general response "ooh... shiny"

  38. firu toddo

    @ Iain Thomas

    'S Not really an issue. You can specify the device type to block, or at least we do.

  39. Lionel Baden
    Thumb Up

    @ Ian Thomas

    Nah its easy mate just edit the reg entry usbstor to 4 and that will disable all usb storage devices

    Very usefull ....

    but do remeber this will also disable usb cd drives (which new dells have for example)

    but then again if your disabling thumb drives burnable cds prove just a big a issue tbh

  40. Inachu
    FAIL

    Hahahaha

    Because they did not use combofix and they let their employee use their flash drives form home on their work computers.

    PURE FAIL

  41. KarlTh

    @Tom 13

    Blame the cretin who agreed to buy shite software that requires Admin privs to run. Hammer the provider until the provide a fix. That's what I do. Final sanction is "tough. Our policy says you can't run as admin. End of."

    Having said that, it's usually a case of sorting out the permissions on a few registry keys and system files.

  42. KarlTh

    @Tom 13 again

    If all else fails, give 'em a second account which has administrator rights but does not have the right to log on interactively. Give 'em a shortcut to "runas /user:domain\adminac ShitSofware.exe" and you're good to go.

    Never ANY excuse for people to log in interactively as admin, any more than you'd log into a Linux box as root.

This topic is closed for new posts.

Other stories you might like