Manchester City Council pays $2.4m in Conficker clean up costs
How severe can the impact of the Conficker worm be on a single city council that has apparently not put basic security solutions in place?
Pretty severe, according to a recently released report entitled "Service interruption resulting from ICT disruption in February 2009", which details the financial costs of a Conficker incident affecting Manchester City Council's network: 1.5 million pounds in clean up costs and lost revenue from the downtime.
Where did all the money go, and can this incident's cost be used as an average for drawing long-term conclusions about Conficker's financial impact on affected networks? Let's find out.
The infection obviously caught them off guard, since no antivirus, IPS, patch management solutions or general security awareness were in place. The results came quickly: hundreds of unprocessed bus lane fines due to service disruption, a post-infection network-wide USB device ban, installation of antivirus software and patch management solutions, and a thousand Conficker-infected laptops, all adding up to such a hefty clean up bill.
According to the audit report, 600k pounds went for consulting fees support and expertise and another 600k for the purchase of Wyse terminals to replace the PCs which had been affected. The report repeatedly emphasizes that the purchase of the Wyse terminals had been budgeted long before the Conficker infection took place, which I doubt, based on a single sentence within the incident response document attempting to explain how Conficker attacks: "The Conficker virus attacks ICT systems by what is known as a “denial of service attack”."
- Go through related Conficker posts: Conficker's estimated economic cost? $9.1 billion; New worm exploiting MS08-067 flaw spotted in the wild; 3.5m hosts affected by the Conficker worm globally; Conficker worm’s copycat Neeris spreading over IM; Fake “Conficker Infection Alert” spam campaign circulating
In April, the Cyber Secure Institute estimated that the economic cost of Conficker is as high as $9.1 billion, based on the average cost for related malware incidents analyzed in their previous studies. That high figure was once again reached by counting the purchase of counter-measure software, a cost which is also pretty evident in Manchester City Council's case. This once again indicates a blurred perception of pre-infection and post-infection costs where no security solutions are active in the first place, which naturally increases the size of the bill.
The 1.5m pounds cost incurred by Manchester City Council may not be the real Conficker cost, but the cost of the lack of basic security awareness which would have prevented the infection or mitigated its impact. A matter of interpretation or not, the money is gone, and it's money gone in times when Conficker remains in stand-by mode.
Talkback
And let us not forget the costs of people refraining from performing
Incalculable costs really.
They could have saved 2 million by
"The infection obviously caught them off guard, since no antivirus, IPS, patch management solutions or general security awareness were in place"
Linux servers with the FAA, Apple botnets via illegal downloads, the story is all the same.
Shoddy oversight, plain and simple.
I imagine a few people will be looking for new employment shortly...
Making up poor excuses again, hey Misguinding Light?
It is only an excuse when it is not fact
What is your excuse for the FAA server (or any Linux server) being hacked? What is your excuse for the OS X botnet?
What is your excuse for those running Windows systems that were not compromised at any time?
I understand people like you hate facts, that you wish to blame Microsoft for everything, and Apple or Linux for none, but the bottom line, the undeniable truth, is that anyone using any operating system, who stays on top of it, does not generally have these issues.
Please grow up and learn to deal with the truth, will you not?
First you prove your <s>facts</s> <u>claims</u>
They have been proven time and time again
When the FAA server, or FBI server were hacked, they were hacked: the bloggers did not make up false stories claiming they were hacked, they were hacked, and in the news.
The OS X botnet was a true story, it was not made up by an imaginative mind looking to fool everyone, it exists for precisely the reasons reported on: It was installed while installing a pirated copy of iLife.
The blog above comes straight out and says what the audit determined.
Not a claim, but a fact.
If I recall well, in that FAA case it all started with a windows virus
As far as I know that system still has thousands of windows clients on it, and a few windows servers. How can it be safe being that way?
lol, so your plan is, blame windows for a linux hack?
They could have saved 2 million just by installing a basic AV package.
Which apparently they did have...
Their problem looks more like their av systems were behind in patching/updating on enough systems that they got hammered. It also seems they weren't as strict with their users about what to do or not do to mitigate risk. Mind you, their end users are not "highly trained IT gurus" who sneeze active directory hierarchies and such.
That and they seem to have a lot of laptops which are nasty to keep secured in any meaningful way at the best of times.
Of course some of the "usual suspects" here in zdnet would never have anything bad happen to their systems like this, and they don't even use av!
LOL
LOL. Thanks, I've got to remember that one.
See what you get when you reply to an idiot?
P.S. That was some good analysis, by the way.
Awww.... now see.
See what happens when you run your stupid mouth when you have absolutely no idea what the hell you're talking about? You wind up looking like the trolling fool that you are, FOOL!!!
nonzealot should be ashamed for b!tch-slapping a dullard like you over the last few days... I can see now that it's hardly been a fair contest.
Did you believe you could escape that easy?
Huh?
Who knows, he's probably in line for an iPhone or something.
@zkiwi
Heh... that's twice you've given me a good chuckle this afternoon.
And now, I'm off to prepare for the July 4th festivities. Have a pleasant weekend.
When the graceful exit fails there's always the option to go off on retreat
don't forget the wickedly clever
That's an option some chose instead of full retreat.
They could have saved more than that by
They were. (nt)