Virus brings Norfolk's computers to a screeching halt

NORFOLK

A "malicious code" similar to a computer virus forced city officials to shut down most of the city's computer system for more than a day last week, and city officials still don't have access to their data files.

Some city officials don't have access to their e-mail, and staff are cleaning hundreds of infected computers, one by one.

Hap Cluff, director of the city's Information Technology Department, said none of the city's information was lost or damaged.

"The security of our data has not been compromised," he said. He said he hopes all computer systems will be operational by Thursday morning.

The city has about 4,500 computers at various locations. At least 700 of the computers were infected, Cluff said, adding that it takes about an hour to safely disinfect each computer.

Although only 11 of the city's 150 computer servers apparently were infected, Cluff ordered "a deep scan" of all of the city's computer drives that began on Sunday and won't be done until this evening at the earliest.

That means that at least until Thursday morning, everyone in city government - from the city manager to social workers to the police - will not have access to their files.

Sheriff Robert McCabe said only some of his staff has access to e-mail.

"We're booking inmates into the City Jail by hand," he said.

Commissioner of Revenue Sharon McDonald said working without access to computer files "is a bit tough. However, this has not affected any of the work that we do for our customers."

The treasurer's office shut down a day last week because of the computer problems. "We are limping along as best we can," Assistant Treasurer Cathi Mullins said.

Officials aren't sure how the code infected the system, but they say they don't believe it came from the Internet, meaning it likely was introduced by someone with access to the city computer network.

"It could have been an unsuspecting employee or contractor," Cluff said. He said it was likely a "time bomb" that could have been downloaded long ago and was set to go off at a certain date.

Cluff said he doesn't think it's an intentional attack. However, the police are investigating.

Cluff said he's never heard of a city or county the size of Norfolk having its computer system attacked in this way. Officials in Chesapeake, Portsmouth and Suffolk confirmed they have never experienced such a malicious code.

"But that doesn't mean it won't happen tomorrow, because it can happen to anyone," said Mark Gardner, Portsmouth's IT director.

The problem was discovered by Cluff's staff Feb. 9 and the computer system was immediately shut down.

Cluff and his staff have been working as many as 18 hours a day since the crisis emerged. "The fact that we stopped it with zero data loss and no applications damaged is a tribute" to the IT staff, Cluff said.

Officials from Symantec, a virus protection firm, flew in to Norfolk on Thursday night and have been working with city officials since Friday.

The malicious code did not affect the hundreds of computers available to the public at city libraries, Cluff said.

Curiously, he said, only employees who were trying to save energy by turning off their computers when they left work ended up with infected computers.

Pilot writers Dave Forster, Linda McNatt and Mike Saewitz contributed to this report.