Virus Infiltrates Computers at Tuscan Police Department

Virut.cf, a malicious computer virus, has disrupted work on nearly 200 systems at the US Tucson Police Department (TPD) reportedly for a minimum of two weeks.

The reports state that someone, who was unknowingly using a TPD laptop, loaded the virus on it on April 18, 2009. As a result, certain elements of the system at the police department closed down.

Subsequently, the virus proliferated to several department PCs and tried to transfer data via IRCs (Internet Relay Channels). Although the virus confined itself to the overall computer network at the department, the infection spread to several other machines that shared files with the networked PCs.

The security investigators at the Tucson Police Department state that Tucson City computers were using two editions of one antivirus program obtained from Symantec. Only those computers were infected that used the older edition, the investigators noted.

According to Ann Strine, Chief Information Officer of Tucson City, the virus actually emerged on the morning of April 20, 2009 when people started work on their PCs, as reported by TucsonCitizen on April 22, 2009.

Furthermore, the Police Department disclosed that emergency services were not affected due to the malicious 'Virut.' However, the Department shut down its connection with databases related to national crime to stop the malignant code from spreading.

Patrol car communication systems and laptops were safe from the virus as they operated from separate networks. Despite that, some officers on duty were not able to access records, input evidence or write reports for several days.

According to Strine, there might be no persistent issues due to the virus as no folders were totally destroyed. She said, officers were informed about the malevolent program through messengers, phone and e-mails.

Ultimately, Strine said that authorities withdrew all the affected computers from operation and isolated them, as reported by TucsonCitizen on May 6, 2009.

In the meantime, Symantec's website indicates that the company was first to detect the Virut.cf worm in February 2009. Although Virut.cf proliferates as a virus via shared points on open networks, it also behaves like a Trojan, furtively harvesting folders and implanting itself.

Related article: Virus Infects Through USB Drives

» SPAMfighter News - 5/16/2009