Missouri City’s computer and phone network still was experiencing spotty outtages Thursday morning, the result of what IT officials believe is an infection from the Conficker computer virus.
Phones and PCs went offline sometime Tuesday, according to city employees, and the network came back up before 9 a.m. Thursday. However, during a FortBendNow phone interview with a police official later in the morning, the line suddenly went dead.
“The phones went down again,” along with the computers, said Missouri City Police Capt. John Bailey, who was using his cell phone and a laptop computer to conduct business.
Also known as the “Conficker/Downadup” worm, Conficker has infected millions of computers running Windows worldwide since October of 2008, even prompting Microsoft to offer a $250,000 reward in February, to bring the bug’s authors to justice.
Barbara Brescian, Missouri City’s communications director, said Thursday city IT employees purposely took the city network down, after discovering the presence of Conficker.
“We have no idea if it would have spread to everyone, but at the point that five or 10 computers were hit, they had to shut it all down,” she said.
Brescian and Bailey both said the city’s police and fire department dispatchers and the 911 emergency system were unaffected by the outtage, running on separate phone lines.
But police dispatchers couldn’t communicate by phone to individual officers or detectives.
Brescian said that, to her knowledge, no data was compromised during the incident, although a system security assessment is being conducted today to find out for sure.
Brescian also said IT personnel are unsure how Conficker entered the city computer network. She said city officials decided to make public the fact that Conficker was behind the network problems, so that other network administrators are aware they need to consider steps to beef up security.
“We wanted to specifically identify the culprit so we can properly protect against it and anything of this magnitude in the future,” she said Thursday morning.
Ironcially, according to computer security experts, anyone running Windows on a PC would’ve been protected against the Conficker just by keeping up to date with Microsoft security patches.
The company issued a patch to protect against the Conficker worm in October 2008.
But with hundreds, or sometimes thousands, of PCs on large corporate or institutional networks, making sure an entire network is up to date with its security patches can be a somewhat daunting task.
And the Conficker is no garden-variety computer virus.
Despite the fact that security experts have known about and attempted to track and stop the worm’s progress since at least October 2008, propogation tricks built into Conficker by its creators have kept steps ahead of its pursuers.
Today it’s believed the worm has taken control of computers inside millions of homes, inside universities and government offices – and even military computer systems in at least three nations – Germany France and Great Britain.
After security experts learned to plug some loopholes Conficker had been exploiting, its authors, in late December, released an “upgraded” version of the virus.
Among other new exploits, the new version of the worm was able to travel from infected PCs into their USB drives. If those drives were connected to other computers later, the updated Conficker would move into those machines as well.
Infected computers have since been instructed by the Conficker virus to visit specific newly created web sites. Once there, newer, more powerful versions of Conficker are waiting to be downloaded to the infected PCs.
Today, security experts believe, the Conficker authors control a huge network of so-called “zombie” comptuters – most infected with the worm while their owners remain unaware.
So far, no one has collected Microsoft’s $250,000 reward.
