I guess the question is whether we really expect that government IT is a highly sophisticated operation or that it's run with the same efficiency as the gasbags whom it serves. Friday, the Guardian reported that the House of Commons has been infected with Conficker, which is an "embarrassment," the paper says, since Microsoft announced a fix in October. The House relies on Symantec-owned MessageLabs.
Employees are now banned from bringing in flash drives.
Today, it seems the infection is more widespread. At the very least, it has penetrated the entire Parliament IT system. Will the ministries be the next to turn up infected? The National Health Service hospital systems and Royal Navy Fleet have also been infected, according to ITWire.
An email sent to "all users connecting directly to the Parliamentary Network" seems to indicate a massive level of unpreparedness. And as InfoPackets points out:
This is the exact reason why having the Government harvesting everyone's electronic data and outsourcing it will inevitably end up being a major disaster. All of this could have been prevented had the proper precautions been taken.Here's the email (via via News.com).
To: All users connecting directly to the Parliamentary Network
The Parliamentary Network has been affected by a virus known as conficker. This virus affects users by slowing down the Network and by locking out some accounts. We are continuining [sic] to work with our third party partners to manage its removal and we need to act swiftly to clean computers that are infected.
We are scanning the Network and if we identify any equipment which we believe is infected with the virus then we will contact you to ensure that the device is either removed from the Network or cleaned and loaded with the correct software to prevent this infection reoccurring.
You can help us to contain this problem and prevent new infection by adhering to the following advice:
- We are unable to clean PCs and portable computers which are either not switched on or which are not authorised devices. We therefore ask that if you are running a PC or portable computer not authorised to be on the Network that you take it off immediately.
- An additional characteristic of this virus is that for some types of files it can skip direct to the Network from a USB memory stick or other portable storage device (e.g. mp3 players) without hitting the virus checker software. We ask that for the time being you do not use memory sticks or any other portable storage devices on the Parliamentary Network.
- If you do identify a problem with the equipment you are running, please contact the PICT Service Desk on 020 7219 2001 when it reopens on Wednesday 25 March from 8am.
- If you are connecting using one of our remote access services, from a Constituency Office for example, a separate communication will be sent to you.
Director of Parliamentary ICT.