Government network hit by Conficker worm as trail of poor management exposed

News by Dan Raywood

The parliamentary IT system has been hit by the Conficker worm.

The parliamentary IT system has been hit by the Conficker worm.


Channel 4 News has revealed that it sent an email to MPs, lords and their staff and revealed that parliament's IT network seems to be completely unsecured. It claimed that as parliament's systems have become infected, it implies that its anti-virus software has not been updated in some time.


A spokesman from the Houses of Parliament refused to tell Channel 4 News when their anti-virus systems were last updated.


Peter Sommer, professor of information systems at the London School of Economics, told Channel 4 News: “Having a virus checking programme without it being frequently updated and protecting you against all threats is quite frankly a waste of time.”


An email was sent to parliamentary staff warning them about the virus, which instructed: “We therefore ask that if you are running a PC or portable computer not authorised to be on the network that you take it off immediately.”


Channel 4 News claimed that this implies that it has historically been the case that laptops and other computers have been able to connect to the parliamentary network without prior authorisations, virus checks or firewalls.


Channel 4 News repeatedly asked parliament why this was the case, and was told that the spokesperson was unable to answer the question.


Rob Cotton, CEO of IT security company NCC Group, told Channel 4 News: “This incident clearly shows, once again, that when it comes to even the most basic of security procedures, parliament is lagging behind everyone else.


“One of the foremost rules of good corporate IT governance is that machines not regulated by the organisation should never be allowed to connect to its network, and for good reason. For the parliamentary network to have to ask all unauthorised computers to be taken off its network is, frankly, embarrassing."


He further claimed that the administrators are not doing their jobs properly if a well-publicised problem is causing problems. He said: “This particular virus is one that has been around since November last year, and security updates and patches have previously been issued to deal with it.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews