Conficker Trojan Attack on Manchester City Council Incurs Loss of £1.5 Million
Manchester City Council was unable to issue hundreds of motoring fine notices within a stipulated time after an attack by the notorious Conficker virus disabled sections of the Councils' IT systems.
Many drivers who were caught violating rules escaped penalty as the fine processing system at the town hall had to be disconnected from the Internet during February 2009 due to the virus' infection. Consequently, 1,609 tickets could not be issued within the prescribed time of 28 days that resulted in the city council forgoing a huge £43,000.
A recently published study report -"Service interruption resulting from ICT disruption in February 2009"- revealed the assumptions regarding the severity of the Conficker's impact on just one city council, which apparently hadn't enforced the primary security solutions. The report highlighted that the monetary expenditure that the Manchester City Council incurred due to the Conficker incident amounted to £1.5 Million comprising cleanup operations and lost income during the affected period.
Cleanup expenditure along with consultancy fees accounted for an estimated £600,000. In addition, IT experts of the council expended another £600,000 on the computer that maintained backup.
Further, Manchester Evening News, which conducted an investigation, discovered that the costs involved a bill of £1.2 Million that included £600,000 as consultancy fees for resolving the problems. This amount also included Microsoft's experts drafting expenditure; and £178,000 towards engaging extra staff all over the city's town hall with the amount including £169,000 to pay overdue benefit claims, tax bills of the council and compensation payments because of extra time incurred for handing out benefit claims.
While the virus attacked, it prevented the council's staff from sending e-mails, viewing data files and printing out documents. The staff also had to rely on paper back-ups that consumed considerable time. The infection naturally succeeded as there were no antivirus solutions, security patches, IPs in place, or overall security consciousness among the staff.
Further, it resulted in numerous unprocessed driving fines on account of service disruption, ban on USB devices, installation of new AV and patches, and many infected laptops that meant large cleanup costs.
Related article: Conviction of First Felony Spam in Virginia Upheld
» SPAMfighter News - 23-07-2009