Extent of Government Computers Infected By Bots Uncertain
Krishna Dagli writes to mention findings by the company Trend Micro on the extent of bot infection in U.S. Government computers. The article by Information Week indicates that, while the 'original' findings were much harsher, the security vendor has since backed down from some of its claims. Still, the extent to which information-stealing software has penetrated our national infrastructure is enough to take note. From the article: "While it may be tempting to discount the warnings of security vendors as self serving--bot fever means more business for Trend Micro--there's unanimity about the growing risk of cybercrime. In its list of the top 10 computer security developments to watch for in 2007, released last week, the SANS Institute warns that targeted attacks will become more prevalent, particularly against government agencies. 'Targeted cyber attacks by nation states against U.S. government systems over the past three years have been enormously successful, demonstrating the failure of federal cyber security activities,' SANS director of research Alan Paller says in an e-mail. 'Other antagonistic nations and terrorist groups, aware of the vulnerabilities, will radically expand the number of attacks.'"
No Problem... (Score:2, Funny)
Re: (Score:1)
Other antagonistic nations? (Score:1, Insightful)
You mean antagonistic nations other than your own?
Why, that means (Score:4, Insightful)
Re: (Score:2)
Re: (Score:3, Insightful)
Daily.
Re: (Score:2, Troll)
Wouldn't it be fitting... (Score:2)
Re: (Score:2, Insightful)
Granny != Uncle Sam (Score:3, Interesting)
Re: (Score:2, Insightful)
Re: (Score:3, Interesting)
Neither is yours.
I work for a Federal agency (see my post below) and we have a large number of skilled IT workers (some as contractors, some as Feds) that diligently keep our network up, running, and as safe as several million dollars a year can manage.
For your (and the parent poster's) information, it is not as easy to manage millions of computers spread over the entire globe and keep them as safe as your granny's PC. If you t
Re: (Score:3, Interesting)
The US government is a large, diverse entity with over a million people working for it in places all over the world. It takes a lot of money to make it work, and as with any government, that money has to be coerced out of the population by law; You don't pay for services, mostly, as you would from, say, your local air conditioning service company.
In a lot of ways, I agree that many of the people, especially in Congress, fit your characterization, as do a few government man
Re: (Score:1, Insightful)
If it isn't easy then you shouldn't do it. Seriously. If *you* find it hard to manage millions of computers, then you shouldn't be managing millions of computers. Nobody should. No one person should be directly managing more than a few hundred or thousand computers at most
Re: (Score:2)
What part of "large" and "diverse" don't you understand? The US Government is comprised of a number of cabinet level Departments, each of which is separately managed and funded. That means nobody is managing more than you said. Some Departments even are sub-divided, such as the DOD, making it even less centrally managed. Don't put words in my mouth.
What I said wasn't a complaint, it was a statement of fact. It meant that the
Re: (Score:3, Funny)
Eeeewwww.... (Score:2)
Must find suitable brain eraser for that mental image...
Re: (Score:1)
As someone who has worked for a government agency before, I can vouch for how cash-strapped these places really are. Money goes to wages and health care and very little is left for other things. Granted, the USA Government should do a better job, but given the amount of red-tape involved in contracting the IT dept (clearances, call-out times, safety assurances) it is a wonder the PCs work at all.
It would be great if we could all go into the government w
Re: (Score:1)
Bots accounting for questionable browser habits (Score:3, Insightful)
Re: (Score:1)
It's the bureaucracy that's the biggest problem (Score:5, Insightful)
-Eric
Re: (Score:1)
And Yet Still Windows (Score:5, Insightful)
Re: (Score:1, Insightful)
Do you know what govt agencies have to go through to approve an upgrade from Word 2000 to XP? And you want them to change a whole OS? hahahahah! Notice I said "approve". They can buy the stuff all day long, but can't install it without jumping through 1000 hoops.
Re: (Score:1)
But then I suspect MS and the US gov are in bed together anyway.
Re: (Score:2, Interesting)
I am not convinced that OSS is really all that more secure than closed-source software. Not saying Windows is not vulnerable (otherwise we wouldn't be having this discussion), but let's be realistic here. The chief advantage to OSS is the peer-review process, but in a large company like MS, peer review is probably mandatory as well
Re: (Score:3, Insightful)
That may be an aggravating factor, but it's definitely not the main problem. Windows' biggest problem isn't just that it's proprietary software -- it's that it just plain sucks even within the realm of proprietary software. It's the one platform where
Re: (Score:1)
I don't entirely disagree with enharmonix's point about Windows being a more widely used target, but a large percentage of all webpage servers already do run Linux and already exist in large enough numbers. I do not work in the computer field, so I don't know how Apache webpage servers running on Linux compare to Windows IIS webpage servers, but why aren't there any Linux viruses or worms designed for them? I use Linux on my computer at home and it is still almost unheard of for a Linux computer to get in
Re: (Score:2)
That's not true. Linux has a significant market share for servers (30%, I believe). It is hard to exploit.
The reason Linux/BSD/OS X is more secure than Windows is because security was a larger factor in its design. It is very difficult to secure a huge software product that wasn't designed to be as secure in the first place.
Re: (Score:2)
I have seen users struggle to use XP after learning Windows 2000. To the average computer person, there is no learning curve, but to these users, it's completely different.
Now, try and do the same thing with an operating system that is truly different...
Re: (Score:3, Interesting)
Government IT jobs are some of the lowest paying and have the absolutely lowest job satisfaction. Government does not want idea people, they want people that will do what they are told without question.
I know, I was there. Started my career as a Government IT employee. Hated it badly, and could not stand the supervisor that knew nothing about IT yet constantly micromanaged us, even telling us to do things that are insane-wrong t
Re:And Yet Still Windows Isn't really the problem (Score:1)
Gee, I wonder how those bots got in the system? They didn't just cruise in and take up residence. THEY WERE INVITED!
Now if a limitation were installed that would not allow a luser to click OK, that would prevent that from occurring. However on the other hand call center tickets would double and luser satisfaction would decline if they were not allowed to install useless screens
It's just the Patriot Act (Score:2, Interesting)
Isn't just 1 bad (Score:1)
This scares me, I don't care if it's 1 machine or 10,000 machines.
Budget cutbacks and incompetence (Score:5, Insightful)
Anyways, under their watch we had numerous security breaches. One of our servers was hosting a child porn collection and IRC channel. Another server had been crippled by viruses, and we had seen other signs of intrusion time after time. The child porn server was confiscated by the FBI when they tracked it down. They returned the server to the DOA when they had finished so that the DOA could learn from the breach and correct the security issue, but there was no one employed with the DOA who could identify the failure or what to do about it.
Anyways, my rough guess is that given what I've seen of state networks, I would think they are heavily botnetted. The other side of the public sector though, at least the Marine Corps network, is a pretty impressive setup. I've seen those guys in action and I would be extremely surprised if there is a lick of traffic that escapes their pipes without their express knowledge.
-Rick
Re: (Score:3, Funny)
I'm terrible with conversions, but isn't 1 lick approximately equal to 142 bytes?
Re: (Score:2)
-Rick
Don't bet on it (Score:1, Insightful)
It's like any other organization though - there's areas that are run exceedingly well, and areas that aren't. It's hard to generalize about anything as large and complex as go
Re:Don't bet on it (Score:4, Interesting)
Another notable environment I saw was one of the Office buildings in Quantico, VA. Each new building for the most part had its own network design team that would configure the building prior to people moving in, and they would design and configure everything. Once the regular staff showed up, the design team would hand off control of the network to the local IT department. The guys at the Marsh Center had this down to a science. When I left Quantico, the only thing those networks would get out of their chairs for was to clear a printer jam or replace failed hardware. Everything else was locked down, automated, network pushed, and otherwise controlled remotely. A truly beautiful environment for both the IT support team, and us developers.
-Rick
this takes $$$ time and energy (Score:4, Informative)
My agency uses a multi layered defense to protect us against these issues. There are network level protections, PC level protections and desk-side support level protections. We also regularly send out warnings about current threats as well as require personnel to undergo annual IT security awareness training.
Individual PCs that are found to be broadcasting unknown signals to unknown or unverifiable outside destinations are removed from the network and reimaged immediately.
If, from a complaint to the help line, we find that a PC is infected with spyware, we don't even try to remove it; it is immediately reimaged.
We have instituted a locked down desktop policy; users are NOT allowed admin access except through application to a special committee for good business cases, based upon the use of special software that requires such access to run. We bend over backwards to alter those situations to avoid that access whenever possible.
Laptops are imaged using an image that is encrypted using a good encryption program that encrypts the entire hard drive using a 512 bit key, and NO laptops are allowed to be bought without going through our receiving process where that image is installed.
We have spent millions of dollars of your tax money in the last five years bringing this system online, but now that we have, we believe that we have as safe a system that we can get without just unplugging it or spending twice as much.
We don't have classified material, but we do have information that is confidential by law and must be protected from public release. (proprietary information belonging to firms we regulate.) This limits the measures we need to use, since classified material requires a completely different level of protection.
If the VA had used a system like ours, they would never have been embarrassed by the recent theft. The theft may still have occurred, but the information would never have been at risk.
It is not a perfect system, and it takes constant diligence to maintain and periodically upgrade, but I think we do a pretty good job.
Re: (Score:2)
Re: (Score:2)
trojan task .. (Score:2)
Apart from this trojan task what else does the IT department contribute to your business?
"We have spent millions of dollars of your tax money in the last five years bringing this system online"
Ah, I see
Re: (Score:2)
I work for the FDA - the Food and Drug Administration, and we are part of the HHS.
If you work for anybody but yourself, you are spending someone else's money, so what? I like that, too, especially when they have more than I do (which isn't hard...).
Cute little poem, but
read a book .. (Score:2)
The story goes that a war was fought by the Achaeans against the city of TROY for ten years. They built a Wooden Horse and hid in it until the trojans brought it into the city. Ergo trojan task refers to any Herculean task.
"Cute little poem, but what relevance has it to my post?"
It's something similar to a quote from, I think, Grace Hopper [wikipedia.org] regarding breaking codes in WW2. Now that was a real trojan task
Re: (Score:2)
I'd never heard of the poem, I'll look it up and read it, if that was just a snippet.
Re: (Score:2)
fat fingers...bad eyes didn't see the error until after I hit submit.
The difference is (Score:2)
The difference is that only the government forcibly takes people's money under threat of imprisonment.
Re: (Score:2)
Does YOUR employer take money from your paycheck and then pay you with the resulting funds? Mine does!
Re: (Score:1)
I was just wondering, how do you do that? Where is the key saved? Is the user required to type in a 512 bit key every time they start?
If it's saved in hardware, something along the trusted computing stuff, I can understand it. But how many laptops have that
Re: (Score:2)
Yes, the user has to type the PW, after all, if it's stored, then it's accessible, isn't it?
Of course the security depends on the PW - it always does, unless one is using biometrics, and that has its own problems.
I've seen some of the mathematical probabilities
Re: (Score:1)
8 character passwords are in the realm of today's private sector computers. And if you think people will sit at the prompt, well.. think again
An attacker would make a backup of the disc, find the encryption used, and start cracking.
even a separate boot disk cannot even recognize the HD as being a bootable disk; it looks like an unformatted drive.
Well, that's how encrypted data should look like. But the machine will need to be able to read it, and for that it needs some software. Which mea
Re: (Score:2)
"Well, that's how encrypted data should look like. But the machine will need to be able to read it, and for that it needs some software."
Yeah, that would be something called Pointsec. Give it the right password, get in. Works real well. Forces a reboot after every third wrong password.
Just what other software would you use to do your little attack that can duplicate a 512 bit key?
Safe (Score:1)
Re: (Score:2)
I suspect those non-military, non-law-enforcement agencies are the biggest offenders of lax network security.
Re: (Score:1)
Re: (Score:2)
The war on cyber terrorism doesn't seem to be of any concern to the current administration.
Why Hasn't Our Government Achieved Better Security (Score:1)
Possible Cases (Score:1)
To one Congressional Office's credit (Cliff Stearns), they actually had iMacs setup. I guess that's one step in the right direction.
Headline &/or summary should say WINDOWS (Score:2)
If it had been a Linux problem, the headline would have shouted it. Let's give Windows headline credit for its main features: Insecurity and wasted time and money.
Re:Headline &/or summary should say WINDOWS (Score:2)
Speaking of which (Score:3, Interesting)
Hard Break: Simple Solution (Score:2)
Re: (Score:1)
Another possibility might be to install a KVM switch on each computer so that the government employee could switch back and forth between a computer that is connected to the Internet and one that isn't. At one time I had a KVM switch between my new computer and my old computer. The KVM switch allowed me to switch back and forth between the two computers in about two seconds. A KVM (keyboard-video-mouse) switch allows the use of one keyboard, video and mouse to control more than one computer. One of the c
Okay ... tie this to the porn and gambling article (Score:2)
The observed porn and gambling surfing by govt employees becomes a national security risk.
Govt computers are some of the worst.... (Score:2)
We had a recurring nightmare scenario in the Army of someone successfully infiltrating our machines with "byte crack" (think Ho
It's worth reading TFA (Score:1)
Huh? Government Workers == Bots! (Score:2)
This is surprising. I was always under the impression that all government computers were infected by bots.
Oh, wait - my bad. I thought it said that all government computers were operated by bots.
Nevermind.
Had Enough? (Score:1, Flamebait)
Feel safer?
Vote to fire or keep your Representative on TUE November 7, 2006 (one month from tomorrow). Odds are you'll have the choice to fire one of your Senators. Reformatting the White House will probably take ano
Re: (Score:2)
100% Flamebait
TrollMods don't want you to know that you can feel safer by voting in a month, on TUE November 7, 2006, to fire your representative and probably your senator, too.
Because TrollMods are Republicans, and your representative and senators are probably Republicans, too.
TrollMods have faith in security by obscurity [wikipedia.org], especially when securing elections for a Permanent Republican Majority [google.com].
Moo (Score:1)
Hmm.. I'm not even sure there's a difference. So, in some way, your vote does count.
Little ole' me... (Score:1)
The Government is a juggernaut (Score:2)
That's where organized crime is having the upper hand: Speed. When you're in the defensive
Little Help Here? (Score:2)
nobody headed DHS warning against using MS IE (Score:2)
Extent of Government Computers Infected By Bots U (Score:1)
What percent is this a Windows problem? (Score:2)
Why does Microsoft get off so easily in the media for all the problems caused by running its software?
I can't stop, some more good headlines.
"Almost 100% of owned computers are running Windows"
"Supporting Botnets is the cost of running Windows"
"Government supports bots by running Windows"
Solution (Score:2)
Obligatory (Score:1)