A single careless computer user cost the Ministry of
Defence £10m after accidentally unleashing a computer worm, a
military report has revealed.
MoD technicians spent more than four weeks isolating and cleaning
computer systems across 30 sites after the Lovgate worm struck last
year.
Lovgate spread rapidly when it first struck in February 2003. It
reproduced by sending e-mails which masqueraded as a reply to the
victim and by copying itself to shared network folders.
The worm left a back door on infected machines which could have
been exploited by hackers.
The MoD believes the worm was introduced onto its systems by a
single user who infected an MoD computer by inserting a floppy
disc.
Had Lovgate not been a relatively benign virus, the impact of the
infection could have been far more severe, the report
revealed.
Last month, Lord Bach, government spokesman for defence, told the
House of Lords that Lovgate had not damaged national security.
"There has been no recorded degradation to UK military readiness;
the systems affected by the Lovgate virus did not have a direct
impact on operational networks," he said.
The MoD has suffered 71 virus and malicious code infections since
it began keeping records in May 2002. They have included two
MyDoom, one Sobig and five Netsky infections.
The Army has been hit 18 times, the Navy 14 times, the RAF 19
times, the MoD central operations four times and the Defence
Procurement Agency three times. Two-thirds of the viruses spread
across MoD networks, and one-third were isolated in standalone
computer systems.
The time taken to remove the malicious programs from infected
systems and restore normal operation ranged from a few hours to
three days, Bach revealed. "The MoD system and network
infrastructure is continually monitored, with defence in depth at
key points to prevent cross-infection," he said.