back to article Kwik-Fit hit by MOT fail, that's Malware On Target

Car servicing chain Kwik-Fit has suffered a malware attack that has caused delays in customers' car repairs. The company initially would only confess to El Reg that it had been infected by an unspecified "virus" in its "IT network" over the weekend, and the BBC later reported "malware" was to blame. Kwik-Fit told us: "We …

  1. Tigra 07
    Facepalm

    Too bad they couldn't continue operating as normal with paper records, and just update everything when the system is scrubbed clean and restored. Sounds like Kwik-Fit needs better admin staff, and kwik!

    1. Anonymous Coward
      Anonymous Coward

      re: Too bad they couldn't continue operating as normal with paper records,

      Er, the 1980s called and want their systems back.

      One of the more dangerous ideas - hopefully slowly dying as the old gits die off - is the notion that when systems go titsup there's a magical paper alternative just waiting to take over.

      There isn't.

      For most companies apart from man+dog outfits, loss of system is loss of everything. Remember those banks that had outages a while back. No amount of paper would have got them working again.

      One of the most common risks I see in most companies today is a total ignorance of how essential IT is to their actual core business - be it widget fiddling, insurance, brewing or processing blood tests.

      1. m0rt

        Re: re: Too bad they couldn't continue operating as normal with paper records,

        "One of the more dangerous ideas - hopefully slowly dying as the old gits die off - is the notion that when systems go titsup there's a magical paper alternative just waiting to take over."

        Air traffic Control have paper systems in place. Not ideal, but certainly doable and keeps things running to prevent firey death.

        it is entirely possible to handle scheduling as a manual task should core systems go offline. It is called planning. But it does seem that is also dying off as the cocksure tits like you seem to take over thinking that modern tech is an unstoppable force. Until the odd flood/JCB/hurricane/snow/earthquake/human condition related issue puts pay to that.

        Let just hope you don't work in medical related technology.

        "One of the most common risks I see...processing blood tests"

        Oh shit, Nevermind then.

        1. gazthejourno (Written by Reg staff)

          Re: Re: re: Too bad they couldn't continue operating as normal with paper records,

          Not sure about air traffic control. On the rare occasions when UK ATC systems down tools and go to the pub, everything stops: procedural control is so rarely needed that it's no longer trained in places that don't use it day-to-day.

          1. Anonymous Coward
            Anonymous Coward

            Re: re: Too bad they couldn't continue operating as normal with paper records,

            The UK NATS only phased out paper flight strips last year. They've been replaced by... a direct electronic emulation of paper flight strips (EXCDS).

            1. Doctor Syntax Silver badge

              Re: re: Too bad they couldn't continue operating as normal with paper records,

              "They've been replaced by... a direct electronic emulation of paper flight strips (EXCDS)."

              So it the system goes down they could use paper strips to emulate the system that emulates paper strips.

        2. TheMeerkat

          Re: re: Too bad they couldn't continue operating as normal with paper records,

          There is a difference between air traffic control and tyre fitting outfit. The latter does not have money to spend on keeping trained staff with ability to think which might be needed once in five years.

          1. Anonymous Coward
            Anonymous Coward

            Re: re: Too bad they couldn't continue operating as normal with paper records,

            Given the new system has only just gone in...that means it shouldn't happen for about five years or potentially 9 years...I'm finding that hard to believe ha ha!

            Looks like they need that procedure and training.

        3. Nursing A Semi

          Re: re: Too bad they couldn't continue operating as normal with paper records,

          "One of the more dangerous ideas - hopefully slowly dying as the old gits die off - is the notion that when systems go titsup there's a magical paper alternative just waiting to take over."

          Only correct in ill prepared and badly managed companies.

          Not that long ago I was involved in a project to replace the majority of back end IT equipment at an airport. We were supposed to commence work post midnight after last passengers had left the building, but when fog thick enough to cut with a knife rolled in at around 8 PM all further arrivals were diverted and all departures cancelled.

          By 9 PM someone gave us the go ahead to start work as the extra hours would give us a greater chance of hitting or 6 AM target.

          By 9:30 fog had vanished and before 10 we were told planes would be landing and taking off again in short order. Unfortunately just about nothing IT related was working, no check in desks, no passport scanners, no bag tag printers and no gate readers all of which effect the passenger flow "back end systems within the airport also down but ATC had separate systems so presumably all OK".

          Staff broke out A4 pads and some propriatory printed sheets and carried on as normal. Few grumbles here and there but basically business as normal.

          Now if you can handle something as IT heavy as airline and airport management without any working IT, I would think customer A, needs to have part B fitted, at time C, in location E and overcharged by percentage F should be a walk in the park.

          1. Peter2 Silver badge

            Re: re: Too bad they couldn't continue operating as normal with paper records,

            The issue is the level of productivity enabled by IT compared to manual processes is on the order of 10x in many industries.

            Reverting to a manual paper process therefore means that staff are at absolute best capable of running at about 10% of normal capacity. Using an unfamiliar process that a good three quarters of the staff need training on probably means they are running about a third to half of the speed that is theoretically attainable, so real world you'd probably actually be down to about 3%-5% of normal productivity.

            Even if your in a low impact industry where IT has "only" doubled the productivity of all staff, your still looking at only being able to get one half of the jobs done.

            For somewhere like Quack Fit the people looking at your car plug it into a computer, ask the computer what's wrong and then it tells them "replace part X92624510", the part fitters drive the car back into the carpark and get the next one while the admin types get the parts, and then when the parts come in the admin types tell the parts fitters and then they get the car and fit them.

            When the computer doesn't work then they actually have to revert to skill and experience to debug the problem. As skilled or experienced staff are more expensive, experienced staff tend to end up working for an independent garage they as a general rule don't have either hugely skilled or experienced staff which means that all of the jobs take very considerably longer.

            As their workload is based around not actually figuring out what the problem is, and just relying on the diagnostics being right they are buggered without the computers.

            Now, my mechanic wouldn't notice his computer being down. But he wouldn't notice that because he doesn't need it for anything but printing the bill out nicely, and he's quite happy to do that on a sheet with a pen. I've driven up to the door when he's been expecting me before and he's just told me what's wrong with it by the sound the car makes, and 40 odd years experience.

            But for some reason people would rather regularly pay parts fitters for perfectly good parts to be replaced than pay a mechanic an hours labour to fix the underlying cause of a problem.

            1. Doctor Syntax Silver badge

              Re: re: Too bad they couldn't continue operating as normal with paper records,

              Reverting to a manual paper process therefore means that staff are at absolute best capable of running at about 10% of normal capacity. Using an unfamiliar process that a good three quarters of the staff need training on probably means they are running about a third to half of the speed that is theoretically attainable, so real world you'd probably actually be down to about 3%-5% of normal productivity.

              Then train them. Make it part of the business continuity plan.

              Even if your in a low impact industry where IT has "only" doubled the productivity of all staff, your still looking at only being able to get one half of the jobs done.

              So you have the choice of getting half the jobs done or no jobs done. Ever heard the saying "half a loaf is better than no bread"?

            2. John Brown (no body) Silver badge

              Re: re: Too bad they couldn't continue operating as normal with paper records,

              "For somewhere like Quack Fit the people looking at your car plug it into a computer, ask the computer what's wrong and then it tells them "replace part X92624510", the part fitters drive the car back into the carpark and get the next one while the admin types get the parts, and then when the parts come in the admin types tell the parts fitters and then they get the car and fit them."

              The majority of customer visits are still for tyre, exhausts and brakes. They should still be able to carry on using the on-site stock and write out paper records of what they used and for invoices. They could probably still place orders over the phone though when they might turn up depends on how well the warehouse can manage without their IT systems.

              1. Peter2 Silver badge

                Re: re: Too bad they couldn't continue operating as normal with paper records,

                Stock? On-site stock? That went the way of the dodo a very, very long time ago. Nobody other than used tyre dealers holds significant amounts of on site stock. Half the "stock" you might see stacked up against the walls in garages are used tyres and parts waiting for the scrap dealer.

                Omnipart allows technicians to see both local and national stock levels, as well as price checks, in real time so that garages can have an indication of how long it will take for a part to be delivered. Each Euro Car Parts account customer gets their own Delivery Commitment Service Level Agreement, with stock held in local branches being delivered to garages in as little as 30 minutes or, if a part is stored at a regional distribution centre, within as little as two hours depending on a workshop’s location.

                http://corporate.eurocarparts.com/news-and-events/detail/1244

                That's ECP. Also see Andrew Page for the other major competitor, with a wide variety of more specialist suppliers.

      2. Tigra 07
        Thumb Down

        Re: re: Too bad they couldn't continue operating as normal with paper records,

        "One of the more dangerous ideas - hopefully slowly dying as the old gits die off - is the notion that when systems go titsup there's a magical paper alternative just waiting to take over.

        There isn't."

        That's a complete load. We deal with hundreds of orders a day and we have a paper system ready to go for emergencies. So do our largest supplies and last i heard so do our competitors. I can see why you posted anonymously.

        1. Prst. V.Jeltz Silver badge

          Re: re: Too bad they couldn't continue operating as normal with paper records,

          will nobody think of the paper!

          whatever you've got on paper could be on a separate PC , hostname: Filecabinet , RAID type storage setup in it , 4tb should do , considering the size of a sensibly scanned A4 you could get 20 years of paper in it.

          Then your whole firms network can melt down , the ISP could go down , the bank could fuckup ... whatever . Youd still have your "paper" records .

          Just in a useable searchable format.

          local cache id the crux of the matter

        2. DaLo

          Re: re: Too bad they couldn't continue operating as normal with paper records,

          I doubt it is all rubbish it is an exercise in risk. You aim to mitigate risk and put procedures in place and analyse the impact. Sometimes pen and paper might suffices. Sometimes it's running a script every hour to create a report of all current orders/customers etc which is save to a different location.

          However the idea that every organisation can revert to paper just because some can is a fallacy. Even in some case where they could revert to paper you can get to a stage where that data would need to be reentered into a system before any new data (so the new data also has to be handled manually) can be accepted once it is back up. After a certain period of down time (will vary for all systems and organisations) you can get to a point where the outstanding queue of data becomes too large to be able to re-enter.

          I would always look to engineer a fallback to the lowest common denominator, however sometimes it is not possible and you have to accept that if there is a systems failure, you're better off shutting up shop until it is resolved and then re-opening again and hope you don't go bankrupt in the meantime.

      3. jake Silver badge

        Re: re: Too bad they couldn't continue operating as normal with paper records,

        Speaking as an "old git" who has no intention of dying off any time soon, all I can say is that I just point and laugh when you youngsters melt down into catatonia when your so-called "smart" phones and other iFads stop working for five minutes.

        Every corporation I have ever built a data center for has a "worst case" backup plan to carry on working should the computers stop functioning. It's a worst-case "when, not if" scenario, that probably will never happen ... but they are ready for it anyway. Yes, it is tested (checking the functionality of the Big Red Button at the same time). Cheep insurance.

        Apparently, you, AC, will never be ready for the inevitable. Just something to ponder.

        1. Prst. V.Jeltz Silver badge

          Re: re: Too bad they couldn't continue operating as normal with paper records,

          " "worst case" backup plan"

          Its not paper though is it?

          1. Anonymous Coward
            Anonymous Coward

            Re: re: Too bad they couldn't continue operating as normal with paper records,

            Our worst case recovery plan is also printed and kept in a very safe place away from the DC, it is also tested on a regular basis.

        2. Aladdin Sane
          Coat

          Re: melt down into catatonia

          It's all over the front page...

      4. Doctor Syntax Silver badge

        Re: re: Too bad they couldn't continue operating as normal with paper records,

        "For most companies apart from man+dog outfits, loss of system is loss of everything."

        You're probably correct in that many businesses don't have anything to take over. Others, however, have plans under headings such as disaster recovery, business continuity or just plain contingency planning.

        Those that don't and survive are quite likely to have such plans in the future once they've learned that hard way that it can happen to them. It's possible that these plans will be dropped when a new, younger manager comes along and thinks the plans are an old-gittish waste of money.

      5. Anonymous Coward
        Anonymous Coward

        Re: re: Too bad they couldn't continue operating as normal with paper records,

        If you take the principle of what he's saying then he's bang on.

        The Kwik Fit sites are full of tyres and parts and get daily visits of customers needing those parts they just need installing.

        Kwik Fit only went from paper to fully digital in the past year so where is the manual backup system?

      6. Wincerind

        Re: re: Too bad they couldn't continue operating as normal with paper records,

        Ah yes the "old gits". They'd be the ones who don't look at a pencil and ask where the keyboard for it is. I guess you posted anonymously in case you mum gave you a slap.

        1. DCFusor

          Re: re: Too bad they couldn't continue operating as normal with paper records,

          Obviously you're out of touch. Now they just ask for the voice interface trigger phrase for the pencil.

    2. Anonymous Coward
      Anonymous Coward

      Still working........JUST!

      I got a tyre from these guys earlier this week and yes they are using paper. Took my details (payments etc) and invoice amount in the old fashioned (but working) carbon copy pad way. I was even asked to provide my e-mail and was told that once systems were back online they would process all these carbon copies manually and I would get the e-mail confirmation that the money had been taken from my account.

      While I was there waiting it became obvious:

      1) They can't support their Fleet business very effectively - they were only allowed by head office to do Fleet work where the car was illegal but weren't allowed to do proactive maintenance without their system being up.

      2) I was told their systems did sometimes come back up but only for a short time (if that's so it's less likely to be Ransomware), so I could get charged at any point.

      With all that said, the work was done on Tuesday and I haven't yet had the e-mail confirming payment processed. I don't know what their working capital situation is but of they can't process payments for even the work they have done things could get very tricky for them!

      1. Anonymous Coward
        Anonymous Coward

        Re: Still working........JUST!

        You can still process the card payments, you need to send them in to the bank and they take a bit longer. However they might prefer to wait until the system is online so all the card payments will be entered manually onto the system so they don't lose reporting invoice/payment records etc. However I would not like to be the work experience bod in accounts who now has to enter 57,000 credit card slips manually into the system, without making a mistake.

        Even last year our new business banking partner was surprised when we asked to order a large number of manual card imprinters alongside the PDQs so we could always revert back to manual payments if needed.

    3. Hans Neeson-Bumpsadese Silver badge

      I was in a large hardware store a while ago and there was a major power cut to the area. I was quite impressed with how the staff handled it....

      Two people per till

      Person 1 had their smartphone open on the company's online webstore

      Person 2 read out bar codes, person 1 looked up the prices, which person 2 wrote down on two separate bits of paper

      Add everything up manually, cash transaction (having first jemmied the til open) and give one bit of paper to the customer as a receipt

      Retain the other bit of paper to reconcile everything later on. I don't think they actually knew what that process was, but at least they came up with a system which kept customers moving (albeit a little slowly) and captured all the necessary information.

      1. Doctor Syntax Silver badge

        "having first jemmied the til open"

        Did they put the jemmy back in stock?

        1. jake Silver badge

          "Did they put the jemmy back in stock?"

          Don't be silly. It went back under the counter with the other "house" screwdrivers.

  2. Rameses Niblick the Third Kerplunk Kerplunk Whoops Where's My Thribble?

    A customer who asked the firm via Twitter when its systems would be back online was told it didn't know.

    If the ability of their IT staff is up there with the ability of their mechanics, I wouldn't hold your breath.

    1. TRT Silver badge

      Give them a break... they're tyred and exhausted.

      1. Christoph

        They should have practised safe computing and used a rubber

      2. Anonymous Coward
        Anonymous Coward

        Give them a brake?

        1. Dippywood

          Oil be the first to say that you wouldn't make brake puns if the shoe was on the other foot. For anyone following this t(h)read, it's just a battery of bad jokes. Perhaps time to (fan) belt up and watch the company tracking its way to the hub of the issue.

          I feel better now. Wheely I do...

          1. Korev Silver badge
            Coat

            To be honest I'm feeling a bit flat...

    2. paulf
      Flame

      Last work I had done at Kwik Fit (many years ago) was a replacement exhaust. About 18 months later the Catalytic converter failed its MOT. I returned to the centre as it was still under warranty. It was being run by a 17 year old as the manager had gone AWOL. One of the "mechanics" put some fuel treatment in my petrol tank saying that would sort the problem out (it didn't but I was naive). After another MOT fail I took it to another KF centre and they agreed the Catalytic converter was faulty and rectified it under warranty. Another time I went in to get my AC regassed - they did a high pressure sell on a new set of 4 tyres (a type I didn't normally buy but they were on "offer") even though every tyre had at least 5mm tread (Note: for anyone not familiar in the UK minimum legal tread depth is 1.6mm and when new those tyres had 8mm of tread).

      Scumbags every one of them - couldn't happen to a nicer more deserving company.

      1. Doctor Syntax Silver badge

        "they did a high pressure sell on a new set of 4 tyres"

        Similar experience many years ago. I had a tyre replaced. A few days later they phoned for a "customer satisfaction survey" which turned out to be a few perfunctory questions by an attempt to sell insurance. Another customer lost.

  3. sgrier23

    Kwitk-Fit, "Their the boys to trust" - NOT

    This is the funniest news I have heard about Kwik-Fit in a long time, It's typical of Kwik-Fit, no virus killer on their servers or desktops / no spam email filer on their email servers / no malware detector-destroyer on any systems and it could not happen to a better company.

    Hopefully this company will flow down the drain - where it belongs.

    1. Anonymous Coward
      Anonymous Coward

      Re: Kwitk-Fit, "Their the boys to trust" - NOT

      Do you know that for sure or are you just guessing.

      If the former please tell The Reg what happened so we can all read it...if we don't I guess your just well um guessing.

  4. Mandoscottie

    surprised they were not hit with wannacry last year, then again perhaps it needs at least Win 95b to wreak havoc, clearly cant infect W3.1 due to lack of 21st century icons or something.

  5. TRT Silver badge

    Someone...

    put a spanner in the works.

    1. Anonymous Coward
      Anonymous Coward

      Re: Someone...

      The IT dept must be under a bit of pressure.....

      They must be working flat out.....

      And the management are fuming...

      The wheel may have come off their server.....

      maybe they have a nut loose......

      1. TRT Silver badge

        Re: Someone...

        They can deal with shocks...

  6. adnim

    cheap parts

    yet expensive.

    Perhaps someone was pissed at the invoice

  7. security-guy
    Facepalm

    That must be exhausting & tyreing .........................

  8. Richard Jones 1
    Joke

    Start of a bumper year - for puns?

    As the title. Start of a bumper year for pun activity,

    Have their wings come off,

    Got some 'B's in their bonnet,

    Something nasty hit their fan,

    Someone put the boot in.

    etc.

  9. Anonymous Coward
    Anonymous Coward

    Can't get better than a Kwik-Fit fitter.

    Can.

    1. IWVC

      Re: Can't get better than a Kwik-Fit fitter.

      Kwick fit always reminds me of Auntie Wainwrights shop in last of the summer wine. The uninitiated go in for a tyre replacement and come out with 5 new tyres, new discs and pads, a new exhaust and windscreen wipers. Apart from the initial tyre none of the other bits really needed but the fitters must make more on commission than hourly rate. I don't go there normally but a couple of years ago I was forced to get a replacement battery from there and as things were quiet they did a "safety check" (without asking) and informed me my oil level was dangerously low and wanted to put 2 litres in. I then checked the oil level in front of the "Kwik-Fit fitter" using the dipstick which showed it was perfectly OK. Apart from the cost of 2 litres of oil, overfilling to that extent would have damaged the engine. Even if they had a paper system to cover IT failure I wouldn't have much confidence in them working out the price properly

      1. Anonymous Coward
        Anonymous Coward

        Re: Can't get better than a Kwik-Fit fitter.

        I picked up a flat tyre in their yard, which I had to pay for. They blamed the building work going on next door for the loose screws lying around which caused the puncture which they hadn't swept up.

        Never been back, never will.

  10. Anonymous Coward
    Anonymous Coward

    All Companies are IT dependant

    Yet IT is seen as a cost not worthy of investment, in either competent engineers or IT build quality or resilience. IT has always bern viewed this way by speadsheet monkey managers, all the way up to the board of Directors.

    You get what you pay for, and you get what you deserve. This is a management failing, not an IT problem.

    1. Jabba

      Re: All Companies are IT dependant

      Spreadsheet monkey managers. Best phrase I've heard in years ! Brilliant. I will make extensive use of that one.

      1. Anonymous Coward
        Anonymous Coward

        Re: All Companies are IT dependant

        are they cheese-eating spreadsheet monkeys?

  11. Keith 12

    They deserve everything they get. I've not used them for 15+ years.

    My final experience with this company - a couple of weeks after having a new complete exhaust system fitted I noticed a slight rattling noise and, taking a look underneath, I could see that one of the nut and screws holding the rear exhaust section was slightly loose.

    As their depot was fairly close, and, being a lazy git, I took the car in a few days later, explained to the manager at reception the issue and showed him my invoice from a few weeks before. (In typical fashion, and in the same way as had been done in previous visits, he apparently passed none of this information to the fitter.)

    Waiting in the reception area, during which a lady customer explained that she was in the middle of some legal issues with the company, they had apparently damaged the manifold when fitting a new exhaust and this was her third visit to get it fixed properly, I received the dreaded "come over here" signal from the fitter, who pointed to various faults with the (brand new) exhaust setup, none of which I could see as an issue, and was suprised to be told that I needed a complete new exhaust system...

    I gave him the go ahead for that, and, on being presented with an invoice again showed my original invoice to the manager and confirmed to him that I assumed that they had fitted a faulty system previously. After a short "debate" he agreed.

    (I should have known better. Some months earlier a friend had had 2 new front tyres fitted by the same depot. On leaving, and a few hundred yards away, one of the wheels fell off causing various damage to his vehicle.The company refused to accept any responsibility and basically told him to take a hike. Only by his insisting to wait for an area manager, who to his credit accepted full responsibilty and paid for all damage to be fixed, did he obtain any form of redress.)

  12. Anonymous South African Coward Bronze badge
    Trollface

    KwikFail?

  13. robm82

    I would love to read Kwik-Fits DR and BC documentation - oh wait...

    1. Korev Silver badge
      Coat

      Do you think they did a rehearsal to kick the tyres?

      1. Anonymous Coward
        Anonymous Coward

        Brake, brake, oops sorry break, break.

        1. jake Silver badge

          Go ahead, break.

  14. Anonymous Coward
    Anonymous Coward

    Fail by design

    There seems to be a modern trend to all or nothing, I guess it has come about due to better comms, systems used to be site specific and work independently with data polled as required and stock/price lists updates daily. Whilst it meant you didn't have up to the minute data it did mean that problems like this would be rare as there was no need for anything but some basic data transfer capabilities between sites, not full blown network connectivity that allows viruses to spread rapidly. Seperate computers on seperate networks would be used for centralised functions with isolation from on site systems. Welcome to the modern world.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon