February 09, 2009, 8:27 PM — A highly disruptive Internet worm has claimed a new victim: the French navy.
The worm, known as Conficker, forced the navy to voluntarily cut network connectivity to stop the worm from spreading on its Intramar network last month. Web browsing and email messaging on the network were disrupted, and some users were forced to rely on more conventional means of communication such as the telephone, fax or postal system, navy spokesman Jerome Erulin told the Ouest-France newspaper (in French). The French navy could not be reached immediately for comment on this story.
Reports indicate that the worm was probably introduced when an infected USB drive was plugged into a computer on the network, probably by a soldier who was working from home. One of the ways Conficker has spread is by infecting things like flash drives and cameras and then copying itself onto PCs when they are plugged in. The worm can also spread throughout a local area network, but it is usually blocked from jumping to other networks by firewall software, which has kept it from becoming much more widespread.
Erulin told Agence France Presse (AFP, in French) that the infection was first detected on Jan. 12, nearly three months after Microsoft issued an emergency Windows patch for the vulnerability that Conficker exploits.
He disputed a report in Intelligence Online that the worm had grounded the French navy’s Rafale fighter jets, saying the worm did not affect operational systems. "The operational networks are much more secure," he told AFP.
The French navy isn't the only organization that didn't patch its systems in advance of the Conficker outbreak. Security experts believe the worm has infected more than 10 million computers worldwide, and it is reported to have infected low-level systems within the British military.