
Spoofed White House Card Dupes Many Gov't Employees, Steals Data

timothy posted more than 3 years ago | from the you-may-have-already-won dept.

Christmas Cheer 173

tsu doh nimh writes "A run-of-the-mill malware-laced e-mail that spoofed season's greetings from The White House siphoned gigabytes of sensitive documents from dozens of victims over the holidays, including a number of government employees and contractors who work on cybersecurity matters, writes krebsonsecurity.com. The story looks at several victims who fell for the attack, and suggests it may be related to a series of similar document-harvesting runs throughout 2010. Government security vendor NetWitness notes that these types of incidents are blurring the lines between online financial fraud and espionage attacks."

173 comments

Merry Christmas (5, Funny)

Dexter Herbivore (1322345) | more than 3 years ago | (#34764008)

Honourable employees of venerable government of USA. Please click on link to receive free gift from People's Republic of... ummm... errr... Canada!

Re:Merry Christmas (2)

Toe, The (545098) | more than 3 years ago | (#34764236)

To retrieve card just click on this totally legitimate official White House e-mail address: elvis.com.au/(something)

Yeah, that address actually appears in the card, according to TFA.

Like... seriously?

Merry Freaking XMas... (1)

Super Dave Osbourne (688888) | more than 3 years ago | (#34764014)

The governmint can't keep track of used hard drives, so this is not a big threat in real terms. When they can tell the US citizens where all the data for nukes and secrets is on their hard drives I'll care more about malware in emails.

Re:Merry Freaking XMas... (1)

interval1066 (668936) | more than 3 years ago | (#34765446)

"The government can't keep track of used hard drives, so this is not a big threat in real terms."

Ok, so how about the government agency whose dept. heads were caught spending all their time in the office surfing for porn and generally goofing off last year? Were they a threat?

Hey, whatd'ya know... (1)

Haedrian (1676506) | more than 3 years ago | (#34764022)

"malware-laced e-mail"
"contractors who work on cybersecurity "

I guess everyone falls for a good old spoof. Not just 70 year old grandmas like it was suggested in the last article on spoofing.

Practicin' my terminology... (1)

dogsbreath (730413) | more than 3 years ago | (#34764358)

"malware-laced e-mail"

Ok... isn't this a tautology?

"contractors who work on cybersecurity "

and isn't this an oxymoron?

Signed "anxious to learn"

Serves them right for trusting Obammy (-1)

Anonymous Coward | more than 3 years ago | (#34764026)

I wouldn't open a damned thing that I received from someone known to be so cozy with felons (Tony Rezko), racists (Rev. Jeremiah Wright), and terrorists (William Ayers). They're lucky the email didn't try to do something much worse, like replace their 401(k) portfolio with worthless government bonds. Don't worry, folks. That one's probably next.

Re:Serves them right for trusting Obammy (-1)

Anonymous Coward | more than 3 years ago | (#34764052)

You better update your wingnut talking points, it's not 2009 anymore.

Re:Serves them right for trusting Obammy (0)

Anonymous Coward | more than 3 years ago | (#34764558)

The date may have changed, but the facts have not. As inconvenient as it is for you to understand, your black messiah is a fraud.

Re:Serves them right for trusting Obammy (0)

Anonymous Coward | more than 3 years ago | (#34764786)

Don't you have a street corner to go stand on?

Really? (1)

betterunixthanunix (980855) | more than 3 years ago | (#34764030)

The people entrusted with these sensitive documents are not trained to check for digital signatures on emails that come from "the white house?" Do these people even bother to sign their messages?

Re:Really? (1)

TaoPhoenix (980487) | more than 3 years ago | (#34764108)

Wikileaks Round 2!

Re:Really? (-1, Flamebait)

jimbolauski (882977) | more than 3 years ago | (#34764132)

At many government facilities it is policy that to send an attachment a signature must be used, and warnings are given if an attachment is not signed. That will only stop the cautious from doing something stupid and the others will simply ignore the warnings as they have done with so many other warnings they get. The real tip off that this wasn't real is that it was a CHRISTMAS card from the white-house, Kwanzaa, would have been more believable.

I was having trouble waking up this morning... (0)

Anonymous Coward | more than 3 years ago | (#34764352)

The real tip off that this wasn't real is that it was a CHRISTMAS card from the white-house, Kwanzaa, would have been more believable.

...so thanks for the much-needed facepalm.
(For future reference, just get it over with and call the guy a nigger; it's immediately obvious that that's how you feel, so you don't need to dance around that shit.)

Re:Really? (0)

Anonymous Coward | more than 3 years ago | (#34764170)

Somebody wrote a moron detector.

Re:Really? (2)

Alumoi (1321661) | more than 3 years ago | (#34764438)

Trained people do NOT get those jobs.

Re:Really? (1)

arth1 (260657) | more than 3 years ago | (#34765138)

Training has little to do with it. You need the personality traits of common sense and healthy suspicion, which no amount of training will imbue you with. At best, you can be a parrot, but won't be able to apply those traits to new and unknown situations, which is what was required here.

SSDD (1)

Anonymous Coward | more than 3 years ago | (#34764034)

Same shit, different day. We're used to being screwed by the Obama Whitehouse.

And the Bush II Whitehouse.

And the Clinton Whitehouse.

And...

Re:SSDD (1)

TaoPhoenix (980487) | more than 3 years ago | (#34764096)

Naw AC, this $hit is *Different*. It's not anything at all like the $hit you grew up with, it's a whole new paradigm!

Re:SSDD (2)

Haedrian (1676506) | more than 3 years ago | (#34764214)

Error: Could not find string variable 'hit'

Re:SSDD (1)

TaoPhoenix (980487) | more than 3 years ago | (#34764640)

Good one.

It's an old joke from sites with silly profanity filters.

Re:SSDD (2)

somersault (912633) | more than 3 years ago | (#34764466)

Ah thanks. I always read that as "Solid State Disk Drive". I wondered why it was a mission name in MW2.

Re:SSDD (2)

Bigbutt (65939) | more than 3 years ago | (#34764578)

And I read it as Single Sided Double Density.

[John]

pack.exe as Perl/ZeuS Trojan? (1)

AHuxley (892839) | more than 3 years ago | (#34764042)

Really silly q, but why do the scripts seem to be just so Windows based/Windows friendly?
Is it so hard to get Mac OS X, Linux or other OS's to run something perl like via a click click of something cute in an email?
Could anyone make something stacked/packed to be Win7/OS X/Linux aware?

Re:pack.exe as Perl/ZeuS Trojan? (1)

Haedrian (1676506) | more than 3 years ago | (#34764068)

Off the top of my head I'd say that if you're executing something which you got from the internet, the executable bit will need to be turned on manually. Installing things also requires root privileges, so if you're using a *nix I'd say it's much harder to do that.

Re:pack.exe as Perl/ZeuS Trojan? (1)

mcgrew (92797) | more than 3 years ago | (#34764346)

things also requires root privileges

Only if you're trying to install something that can fuck up the whole system. It's not hard at all to install FireFox in userspace, although it won't be available to other users unless they have rights to the directory it's installed in.

Windows is the OS that insists that all its programs be installed in root, and some idiots write programs that insist you run them as administrator (why does MS allow this?).

"Open the pod bay doors, HAL"
"I'm sorry, Dave, I can't do that."
"SuDo open the pod bay doors!"
"OK"

Re:pack.exe as Perl/ZeuS Trojan? (0)

Anonymous Coward | more than 3 years ago | (#34764586)

Windows is the OS that insists that all its programs be installed in root...

Bzzt... Wrong, it doesn't. In fact, it works the same way Linux does in this regard. Try installing Google Chrome browser and see where it gets installed. Any properly written app can be installed like that. Many current installs will ask if you want it "for all users" or "just for you" and allow you to choose. Now, are a lot of programmers / setup writers lazy and make you install to "C:\Program Files"? Yes. Does Windows require this? Absolutely not.

Re:pack.exe as Perl/ZeuS Trojan? (2)

betterunixthanunix (980855) | more than 3 years ago | (#34764614)

It's not hard at all to install FireFox in userspace

It can be, if you mounted the home directories partition with "noexec".

Re:pack.exe as Perl/ZeuS Trojan? (4, Informative)

betterunixthanunix (980855) | more than 3 years ago | (#34764070)

Most GNU/Linux systems (and I assume but cannot really say for sure about Mac OS X) will not just execute an arbitrary file that you download. Generally you have to at least set execute permissions on the file to get it to run, or feed it to its interpreter on its own (if it is a script). Additionally, for a secure desktop, one would generally set "noexec" on the home directories partition, so that users cannot just execute random code.

Really though, this is all superficial by comparison with multilevel security systems, which for someone with top secret clearance seems like an obvious measure. MLS policies should forbid a program that you download from some random website from even opening a file that is "Top Secret," let alone sending a copy to some other system. A lot of research went into such systems, which are designed around the assumption that the threats are internal (e.g. a malicious program that is already running on the system) and that the goal is to prevent leaks (as opposed to the more common goal of restricting unauthorized access).

Re:pack.exe as Perl/ZeuS Trojan? (1)

AHuxley (892839) | more than 3 years ago | (#34764134)

Thanks, you would think Windows would be banned, reduced to admin etc. No air gap. UFO seekers with dial up and now more perl fun. I guess Windows keeps the 'fix it again' contractors very busy and happy.

Re:pack.exe as Perl/ZeuS Trojan? (1)

L4t3r4lu5 (1216702) | more than 3 years ago | (#34764342)

Don't blame Windows. This was a case of government employees being duped by an email Christmas Card. They may as well have "checked out this screensaver!" or pictures of "Anna Kournikova".

I suggest a new stipulation in government contracts: You will be given a one-day basic data security course. You will be trained in how to identify emails which are not genuine, and how to dispose of them properly. Once completed, you will sign to say you have undertaken the course and will enact all advice and policy contained therein. Any data breaches which would have been avoided by following said advice and policy will result in immediate dismissal for gross negligence, and prosecution under appropriate data protection legislation (In the UK, that's up to £500,000 personal fine and 6 months in prison. Your employer is legally prevented from reimbursing you for the fine.)

Re:pack.exe as Perl/ZeuS Trojan? (1)

david.emery (127135) | more than 3 years ago | (#34764528)

Blame Windows. These vulnerabilities don't exist, or at least are not exploitable/exploited to the same degree on other platforms.

I'm still waiting for a -successful attack- like this on the Mac. Given the growing Apple market share, particularly concentrated at the high end (i.e. more wealthy) of the market, I'm still not buying the argument that 'all computers are equally vulnerable.' But then, I don't support purely random searches to prevent terrorism, either.

Re:pack.exe as Perl/ZeuS Trojan? (1)

betterunixthanunix (980855) | more than 3 years ago | (#34764570)

Interestingly, Mac OS X (last I checked) did not have a built in MLS policy framework; Windows 2000 and up do, and enterprise GNU/Linux distros do. It really comes down to a question of competence, namely, are these systems configured to actually take advantage of their security systems? Unfortunately, the answer appears to be no; you can sneak data out of secure environments using a CD, you can have a random program from the net read classified documents, etc.

If anything, we should blame the IT staff.

Re:pack.exe as Perl/ZeuS Trojan? (1)

david.emery (127135) | more than 3 years ago | (#34764628)

Valid point, but I think we're conflating a couple of issues:
    1. vulnerability to these kinds of attacks
    2. existence of management controls to turn off some classes of access

You can't have "a random program from the net read classified documents" unless there's a cross-domain guard of some sort to bridge the classified and unclassified networks.

Re:pack.exe as Perl/ZeuS Trojan? (1)

L4t3r4lu5 (1216702) | more than 3 years ago | (#34764804)

These attacks are more difficult because as you say, lower market share makes other OSs less tempting targets, and also they are more secure by default (noexec on home directory), but that is not the issue. A government employee downloaded an eCard, and opened it, while attached to a classified network. That's a user-land issue, not a software issue. It doesn't matter how secure your OS / network is when you have users that careless / dumb.

Re:pack.exe as Perl/ZeuS Trojan? (1)

david.emery (127135) | more than 3 years ago | (#34764902)

No evidence in the base article this was loaded on a machine in a -classified- network.

"lower market share" does NOT make attacks more difficult, it just reduces the number of potentially vulnerable machines.

Re:pack.exe as Perl/ZeuS Trojan? (1)

operagost (62405) | more than 3 years ago | (#34765142)

Blame Windows. These vulnerabilities don't exist, or at least are not exploitable/exploited to the same degree on other platforms.

No, really... don't. The only "security" feature *nix has over Windows in this respect is the execute flag. If Linux suddenly became a viable desktop platform, I assure you that the first feature to be clamored for would be a user-friendly way of setting or ignoring the flag (like a dialog box on which everyone would automatically click "OK"). The trojan scanned the document folders on the machine, which would be accessible to any program unless you had it running as a "nobody"... but then how would your programs keep their configuration settings?

Re:pack.exe as Perl/ZeuS Trojan? (1)

david.emery (127135) | more than 3 years ago | (#34765216)

MacOS X, which is Unix underneath the Apple GUI, doesn't have these problems, and it is a "viable desktop platform" (unless you're a Sold-your-soul-to-Microsoft CIO/IT guy...)

Re:pack.exe as Perl/ZeuS Trojan? (0)

Anonymous Coward | more than 3 years ago | (#34764610)

Of course it's windows. Did you not read the posts above yours about Microsoft, by default, allowing unknown programs to run as root. And real OSs, by default, don't.

Re:pack.exe as Perl/ZeuS Trojan? (1)

L4t3r4lu5 (1216702) | more than 3 years ago | (#34764752)

Yes, and I discarded them out of hand. Computers don't do anything unless they are told to. I can tell OS/X, Linux, any OS to run downloads with admin / root permissions as soon as they download by default. I can also set any of these OS's to not allow execution of any downloaded content whatsoever. The fact that one is on by default, the other off, is neither here nor there. A human either set those permissions, or left them as they are, and a human downloaded an unknown file of unknown origin, of dubious relation to their work, and ran it. Windows did not download the eCard and install the trojan, a user did.

I'm real glad that hating an OS for a user-space issue comes so easy to you. Blaming others is a useful skill, especially if you're an idiot yourself.

Re:pack.exe as Perl/ZeuS Trojan? (1)

The MAZZTer (911996) | more than 3 years ago | (#34764084)

You could write it in something cross-platform and common, like Java, and trick people into opening the .jar file and running the program.

Re:pack.exe as Perl/ZeuS Trojan? (1)

Haedrian (1676506) | more than 3 years ago | (#34764116)

Hello Employee

Merry Christmas! Attached please find card. Remember to set executable bit to yes before running this jar file.

Regards

The Whitehouse

Ps - If you fell for this one you will need to retake your computer proficiency test.

Re:jar (1)

TaoPhoenix (980487) | more than 3 years ago | (#34764612)

Check out this Screensaver from the upcoming Star Wars MMO!

Binks.jar.jar

Re:pack.exe as Perl/ZeuS Trojan? (2)

TaoPhoenix (980487) | more than 3 years ago | (#34764088)

Why is the quality of malware better than the quality of some commercial SFW ware?

Re:pack.exe as Perl/ZeuS Trojan? (1)

gstoddart (321705) | more than 3 years ago | (#34764652)

Really silly q, but why do the scripts seem to be just so Windows based/Windows friendly?

Because it's just so damned easy? Sadly, some of the "user friendly" settings Microsoft has done over the years make some of this stuff happen pretty easily -- stuff like hiding the extension of well known documents so that evil-virus.jpg.exe looks like evil-virus.jpg.

Hell, at one point, Microsoft made an urban myth true -- that you could get a virus/malware without even clicking on it, just by reading the email that contained it as they decided to just go ahead and run it for you. Up until then, those of us in tech were telling our family who forwarded all of the urban legends that it simply wasn't true -- and then one day it was.

Microsoft has gotten a whole lot better over the years, but sometimes in order to "simplify" things for the user, they do something fairly boneheaded that ends up messing up everybody. Sometimes, the training wheels get caught in your pants and do more damage than if you'd only fallen and skinned your knee. :-P

Is it so hard to get Mac OS X, Linux or other OS's to run something perl like via a click click of something cute in an email?

Are you feeling left out or something? I can understand pissing and moaning that people don't make games and the like for Linux, but that the malware doesn't work? I don't get that one.

Part of me also suspects that it's a lot harder to encode that since you'd need to be executing code within the email (before anybody clicked on anything) to determine the platform and possibly actions. I don't think that's really feasible for the most part -- but I'm sure it's possible using something obscure. I just mostly suspect it's not worth the effort -- if 90%+ of people are running Windows, why go to the trouble for the rest to spread a virus?
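
Added example, not part of the original thread or any poster's code: a mail-gateway style check for the hidden-extension trick described in the comment above (evil-virus.jpg.exe displayed as evil-virus.jpg). The extension lists, function names and the sample message are constructed for illustration and are not exhaustive; the whitespace-padding check goes slightly beyond the case named in the comment.

```python
import email
import os
from email import policy
from email.message import EmailMessage

# Illustrative, non-exhaustive lists (assumptions for this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".jar"}
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".txt"}


def _normalize(name):
    # Windows ignores trailing dots and spaces in file names, so strip them
    # before looking at the extension that will actually be used.
    return name.strip().rstrip(". ")


def name_shown_with_hidden_extensions(name):
    """What a file manager shows when the last extension is hidden."""
    return os.path.splitext(_normalize(name))[0]


def classify_filename(name):
    """Return a list of reasons an attachment name is suspicious ([] if none)."""
    stem, ext = os.path.splitext(_normalize(name))
    ext = ext.lower()
    if ext not in EXECUTABLE_EXTS:
        return []
    reasons = ["executable extension " + ext]
    # The extension the user believes they see once the real one is hidden.
    inner_ext = os.path.splitext(stem.rstrip())[1].lower()
    if inner_ext in DECOY_EXTS:
        reasons.append("decoy extension %s hidden before %s" % (inner_ext, ext))
    # A long run of spaces pushes the real extension out of the visible column.
    if "   " in stem:
        reasons.append("whitespace padding before real extension")
    return reasons


def scan_message(raw_bytes):
    """Parse a raw RFC 5322 message and return [(filename, reasons), ...]."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.walk():  # walk() also reaches nested multipart parts
        name = part.get_filename()
        if not name:
            continue
        reasons = classify_filename(name)
        if reasons:
            findings.append((name, reasons))
    return findings


def build_sample_message():
    """Constructed sample message; addresses and payload bytes are placeholders."""
    msg = EmailMessage()
    msg["From"] = "greetings@example.invalid"
    msg["To"] = "employee@example.invalid"
    msg["Subject"] = "Holiday card (constructed sample)"
    msg.set_content("Season's greetings. Your card is attached.")
    msg.add_attachment(b"\xff\xd8\xff", maintype="image", subtype="jpeg",
                       filename="photo.jpg")
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="octet-stream", filename="evil-virus.jpg.exe")
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="octet-stream", filename="setup.exe")
    return msg.as_bytes()


if __name__ == "__main__":
    for filename, reasons in scan_message(build_sample_message()):
        shown = name_shown_with_hidden_extensions(filename)
        print("%r (shown as %r): %s" % (filename, shown, "; ".join(reasons)))
```

A gateway would quarantine or strip any part with a non-empty reason list; names carrying a decoy extension merit the highest priority because the displayed name contradicts the real type.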

Re:pack.exe as Perl/ZeuS Trojan? (1)

geekoid (135745) | more than 3 years ago | (#34765888)

It's due to install base.

It's an easy attack, and the things that make Linux secure would not be tolerated by the general public. Having to set permission to execute? That would last 15 seconds before a demand to automate it happened. And then there you are.

As a note, install base isn't in and of itself the only reason, and it's foolish to think so.

New Rule: Detachment (1)

digitaldc (879047) | more than 3 years ago | (#34764046)

New Rule: NEVER open an attachment.
OR - Never open an attachment to an email (or any file sent to you) unless you know who sent it to you, and you have confirmed that they did send it to you, and they did send it at a certain time and date with the same file name.

This should be mandatory for all employees who do not understand the danger of phishing, trojans or malware attacks.

Re:New Rule: Detachment (1)

couchslug (175151) | more than 3 years ago | (#34764282)

New Rule:

Don't run an insecure operating system. One thing people forget about government employees is that they can be given fucking orders to change, and they don't have to fucking like it. You can literally tell people to "do it and shut up".

For example, when the USAF went from green screen Unix terminals to Windows, snivelling wasn't an option. Obey orders or be punished.

If security is ever taken seriously, issue orders to change, fry those who refuse, end of story.

Re:New Rule: Detachment (1)

MadKeithV (102058) | more than 3 years ago | (#34764470)

Rule 0: don't allow stupid people near important data.

Re:New Rule: Detachment (1)

TaoPhoenix (980487) | more than 3 years ago | (#34764622)

You can't get your plausible deniability if you pick someone good!

Re:New Rule: Detachment (1)

Haedrian (1676506) | more than 3 years ago | (#34764688)

But that would be the end of the government as we know it :(

Re:New Rule: Detachment (1)

MadKeithV (102058) | more than 3 years ago | (#34765032)

You make that sound as if it's a bad thing.

Re:New Rule: Detachment (1)

jd3nn1s (613014) | more than 3 years ago | (#34764666)

What privileged operation is required to access resources that are readily available to the user context? None that I can think of. You can read files and connect to the network without root/administrator. This can only be solved with a combination of policy and user education. AV and attachment filtering would be a start. As this was a targeted attack I don't think that security by obscurity would necessarily work (i.e. running a different OS)

Re:New Rule: Detachment (0)

Anonymous Coward | more than 3 years ago | (#34764690)

Wait, I've got an even better idea, Einstein! How about cryptographically signing your damn messages and only opening attachments from legit senders?

Re:New Rule: Detachment (1)

geekoid (135745) | more than 3 years ago | (#34765904)

new rule: don't allow attachments, ever.

Encryption? DRM? Hello? (1)

Haedrian (1676506) | more than 3 years ago | (#34764090)

I'm still amazed that you can just suck sensitive documents off people's computers. Wouldn't these be encrypted? Or at least require a certain key to open?

People put so much research into making your music/software only run on one computer (DRM) - and yet they can't extend it to only allow the opening of sensitive documents on certain computers? These aren't pictures of your last holiday in Greece...

Re:Encryption? DRM? Hello? (1)

somersault (912633) | more than 3 years ago | (#34764536)

These aren't pictures of your last holiday in Greece...

But I'm a suspected terrorist who just had a holiday in Greece! And I was sure those guys with cameras were government operatives! Well, at least the malware authors didn't get a good look at me in my speedos.

Re:Encryption? DRM? Hello? (1)

arth1 (260657) | more than 3 years ago | (#34765310)

People believe encryption works differently than it does.
Bitlocker, for example, is largely worthless except in a specific scenario, because when you mount the drive, it becomes unencrypted for all users.
EFS is somewhat better, because the file contents will only be available to the user who owns the key, or who has access to import that key.

But neither will protect the currently logged in user or any processes he starts from accessing the documents. You need a vault for that. (Programs that encrypt/decrypt files in place, give them a new name to signify that they're encrypted are usually unsafe. The unencrypted file can be brought back by the "Versions" snapshot feature, unless it's turned off. Which is why a vault is far better.)

Re:Encryption? DRM? Hello? (1)

Anonymous Coward | more than 3 years ago | (#34765480)

Encryption on our Windows systems is tied in to customer's Windows log ons. Once they log on, encryption is open and files are then available to running processes. The encryption's primarily to prevent access of files if hard drive is obtained by bad guys.

On Macs, we have customers use encrypted disk images as well as File Vault (encrypts user directory). They have to authenticate to the disk images after they have logged on to their systems. 'Course, most customers go and set the disk images to auto-open (prompt for login) as soon as their desktop comes up. Files are then available to customer's runtime processes.

I've never seen a set up of requiring a password for individual files, but then I only support equipment used for S and TS levels.

Re:Encryption? DRM? Hello? (1)

russotto (537200) | more than 3 years ago | (#34765730)

Believe it or not, people do actually have to get work done, even with sensitive documents. Make it so e.g. they have to type in a 100-character passphrase and enter a one-time password from a key card every time they open the document, and they're going to leave the document open all the time or spoil the security in some other way.

they could stop it immediately (1)

JustNiz (692889) | more than 3 years ago | (#34764114)

just by giving up their windows obsession and using Linux instead.

Re:they could stop it immediately (0)

Anonymous Coward | more than 3 years ago | (#34764212)

That's right, who could forget that Linux is so magically advanced that it doesn't give access to a user's documents for an application the user has willingly executed.

Re:they could stop it immediately (1)

FrootLoops (1817694) | more than 3 years ago | (#34764390)

Well, the ZeuS trojan doesn't seem to run on Linux. There's also Unix's standard execute file permission to consider.

Re:they could stop it immediately (1)

Haedrian (1676506) | more than 3 years ago | (#34764406)

Simple solution is not putting the sensitive documents as user's documents but give read permissions only to root or another user which has a separate password. If you want to access the documents, you need to su. If a program looks for them, it won't find them.

Re:they could stop it immediately (1)

ScentCone (795499) | more than 3 years ago | (#34764416)

just by giving up their windows obsession and using Linux instead

Right, because users never willingly install or run applications on Linux. Oh, but you're going to say that Linux provides granular enough security to prevent that. So does Windows, if you're using a recent version. Doesn't matter. This is an admin issue, and a social hacking issue.

Re:they could stop it immediately (1)

FrootLoops (1817694) | more than 3 years ago | (#34764484)

You're suggesting Linux as a solution to people who click on random email attachments? Aside from software compatibility issues, these people are probably barely capable of doing what they do on Windows, which they use at home and can ask other people about, and are already used to. Imagine yourself offering phone tech support to these people during the switchover, trying to talk them through a simple command line task. Personally, that thought makes me cringe.

Re:they could stop it immediately (1)

NeverVotedBush (1041088) | more than 3 years ago | (#34765198)

Um, you do know about KDE, Gnome, and other desktops that make it where users don't need to open terminal windows, right?

I think most Linux users see desktops very similar (though IMO better) to Windows. They open programs the same way, look at directories the same way, etc.

And in both Windows and Linux, you can grab a terminal window and go all command line if you want to.

Re:they could stop it immediately (1)

geekoid (135745) | more than 3 years ago | (#34765914)

Would not help.. at all.

They ran a program that did this, they could also be tricked into running a program in Linux.

Linux can NOT stop any user from doing stupid shit. It protects them in that properly set up recovery is simple.

Again...vague on the most important detail... (0)

Anonymous Coward | more than 3 years ago | (#34764120)

Windows, Linux, or Mac? What platform was affected? Why don't they EVER tell us? *sigh*

Awful Attempt (1)

Anonymous Coward | more than 3 years ago | (#34764140)

Ok I was among those that received this spoofed WH holiday e-card and let me tell you, it was an AWFUL spoof attempt. I can't/won't go into the specifics, but it was terrible and anyone who fell for it should be smacked silly.

Re:Awful Attempt (1)

Anonymous Coward | more than 3 years ago | (#34764204)

...or given a job in the government. Oh wait.

Re:Awful Attempt (0)

operagost (62405) | more than 3 years ago | (#34765180)

You can call federal government employees stupid all you want, but they earn almost twice as much as the average American. They have been getting big raises every year while the rest of us who actually produce have been getting pay cuts or freezes.

will be sorted by the "tea Party" representatives (-1, Offtopic)

Chrisq (894406) | more than 3 years ago | (#34764150)

This will be sorted by the new "tea Party" representatives....... "Duh what's email ..... where's my scribe".

Re:will be sorted by the "tea Party" representativ (1)

Cornwallis (1188489) | more than 3 years ago | (#34764190)

I'm sure you think you're being clever but there is/was a point to holding the lid on technology in the White House.

You may or may not recall how the Clinton staffers all made fun of the Bush 1 White House upon learning they didn't use email and had "old fashioned" phones.

Guess what? The Bush 1 administration had a good handle on leaks because they didn't rush to embrace the latest and greatest unlike just about everyone now.

Re:will be sorted by the "tea Party" representativ (1)

betterunixthanunix (980855) | more than 3 years ago | (#34764288)

To be fair, though, there is at least one government agency that uses the latest and greatest (or so we think) and that has remained secure:

http://en.wikipedia.org/wiki/National_Security_Agency [wikipedia.org]

Re:will be sorted by the "tea Party" representativ (1)

AHuxley (892839) | more than 3 years ago | (#34764444)

Yes the NSA got it right from day one via COMINT only (above top secret), slap on eg Trine, Dinar, Vipar, Froth designations. Then make sure only Gout cleared people can read Gout message. Unless oathed, briefed, certified, you don't get in.
Now we have Windows and any modem using UFO hunter can have a go.

Re:will be sorted by the "tea Party" representativ (1)

Cornwallis (1188489) | more than 3 years ago | (#34764458)

To be fair, though, there is at least one government agency that uses the latest and greatest (or so we think) and that has remained secure:

I don't think so! :)

http://it.slashdot.org/article.pl?sid=10/12/17/1540256 [slashdot.org]

Re:will be sorted by the "tea Party" representativ (1)

FrootLoops (1817694) | more than 3 years ago | (#34764526)

Well, the relevant quote is "There's no such thing as 'secure' any more", which isn't quite the same as the NSA saying "we are not secure but we believe X's network is."

Re:will be sorted by the "tea Party" representativ (1)

operagost (62405) | more than 3 years ago | (#34765202)

Ironic, because President Clinton himself only ever sent two emails.

Re:will be sorted by the "tea Party" representativ (1)

geekoid (135745) | more than 3 years ago | (#34765960)

Bush one didn't have the scope of attack, and in meat space, they did NOT have a handle on leaks.

You are correct in that government agency should move forward cautiously and wisely. However when they do that the citizens laugh at the 'old' systems.

Read the victim list (5, Insightful)

Anonymous Coward | more than 3 years ago | (#34764176)

It's not so much the crime as the type of victims:

-An employee at the National Science Foundation’s Office of Cyber Infrastructure.
-An intelligence analyst in Massachusetts State Police
-An unidentified employee at the Financial Action Task Force, [in a government body whose purpose is to fight] money laundering and terrorist financing.
-An official with the Moroccan government’s Ministry of Industry, Commerce and New Technologies.

Me, I'm an idiot with no influence, but the people who set policies and can put people in jail should know better.

Belarus (2, Insightful)

Max_W (812974) | more than 3 years ago | (#34764260)

This type of activity is illegal in Belarus too. The streets there do have names and houses are numbered. True, it is not in English.

Still if it was some kid, a call from the Interpol to Belarus police, and the employees probably could have their files back. Sometimes learning foreign languages at school could be very useful.

Re:Belarus (1)

socsoc (1116769) | more than 3 years ago | (#34764372)

What?

Re:Belarus (3, Informative)

Max_W (812974) | more than 3 years ago | (#34764430)

In the article it is written that files were sent to a server in Belarus. My point is that it is not like they were sent to Mars.

And if there were a good working relationship between criminal police in D.C. and in Minsk, this could be easily solved or even prevented.

"Criminal police" indeed (1)

SteveFoerster (136027) | more than 3 years ago | (#34764858)

If the criminal police in the U.S. and those in Belarus had a good working relationship, presumably they would just cooperate to exploit their governmental authority to accomplish even more crime.

Re:Belarus (1)

NeverVotedBush (1041088) | more than 3 years ago | (#34765252)

Dude, while I have no special information, that is most likely just a compromised box and the files were ultimately sent elsewhere.

There might be information about the next link in the chain or there might not. If it was real espionage, I doubt there will be traces and there will be a number of intermediaries.

Re:Belarus (1)

Max_W (812974) | more than 3 years ago | (#34764450)

Belarus is a country in Eastern Europe, with the capital - Minsk.

Re:Belarus (1)

Gilmoure (18428) | more than 3 years ago | (#34765628)

It's not a large, sea-going mammal with really large tusks?

Who knew?

Shows you the (1)

p51d007 (656414) | more than 3 years ago | (#34764294)

mentality of the average government drone.

So you mean (2)

VincenzoRomano (881055) | more than 3 years ago | (#34764304)

That GOV documents like ehm ... cables can LEAK out without the intervention of an insider?
Interesting ... indeed.

Re:So you mean (1)

ScentCone (795499) | more than 3 years ago | (#34764424)

without the intervention of an insider?

What are you talking about? They don't leak out on their own. If someone installs a piece of software that grants a third party access to their desktop, then you've just had an insider getting involved. The difference is between an insider doing it stupidly but unintentionally, vs someone like PFC Manning, who stupidly did it on purpose.

Re:So you mean (0)

Anonymous Coward | more than 3 years ago | (#34764552)

That GOV documents like ehm ... cables can LEAK out without the intervention of an insider?

Of course not. This leak requires the assistance of at least two of these insiders:
- the IT "professional" that decided against using multi-level security even though government acquisition regulations require the functionality
- the drooling drone that clicks on the "ooh! shiny!" link in a random e-mail
- the HR "professional" that decided against providing proper drone training for handling highly sensitive documents

funny.... (0)

Anonymous Coward | more than 3 years ago | (#34764396)

Funny how the "professionals" are totally clueless where they think that even in this day and age of "understanding" (hello to you, navy guy who just wanted to make some people laugh) that they can trust emails, even on Xmas day.

This time, this one time, I'm rooting for the bad guys.

freeze the bank account of the sender! (1)

kubitus (927806) | more than 3 years ago | (#34764486)

isn't this the obvious solution to hit these bad people who do such things?

Block their credit cards too!

Re:freeze the bank account of the sender! (1)

FrootLoops (1817694) | more than 3 years ago | (#34764680)

If only.... Maybe we should hit the recipients who fell for it? Naw....

I had to give some phone tech support today to somebody who installed random internet toolbars and eventually complained to me about their machine running so slowly. It's not like they're a bad person, terrible at their job (the opposite, really), they're just terrible at maintaining a computer. I suppose it's a little more serious when you have sensitive information on your machine.

Earlier today I was also reading an article written by a coder who rederived Atan2. To me that's similar--the article was about 3D graphics, and the guy should have known about Atan2, especially if he's gonna play the expert by writing an article. Analogously, these government employees should have known about bad email attachments.

I suppose my point is people make mistakes. It's easier to be annoyed at stupid people's mistakes and think the Atan2 guy's mistake was less serious just because it's more technical. But, virtually everyone is stupid compared to someone else, so that extra annoyance is arbitrary.

Espionage Case-in-Point (1)

Bob9113 (14996) | more than 3 years ago | (#34764544)

A run-of-the-mill malware-laced e-mail that spoofed seasons greetings from The White House siphoned gigabytes of sensitive documents ... espionage attacks.

Looking for the upside here: It is nice to have a solid case of espionage as an example against which to compare and contrast WikiLeaks.

Hypothesis: When a person or organization uses deception or other coercion to manipulate a person with clearance into exposing sensitive information, that is espionage. Whether WikiLeaks engaged in espionage is a question of whether WikiLeaks engaged in such deception or other coercion.

Is that a valid principle?

These gov employees are high-tech terrorists... (1)

flyingfsck (986395) | more than 3 years ago | (#34764634)

They should be charged with sexual crimes and placed under house arrest forthwith...

What ever you do .. (1)

doperative (1958782) | more than 3 years ago | (#34764940)

Whatever you do, don't mention Windows or Redmond :)

Sensitive Data + Malware Solution (1)

TheoMurpse (729043) | more than 3 years ago | (#34765454)

If a government employee works with sensitive data and has his computer infected with malware due to his own mistake (esp. the types in cybersecurity), he should be fired and so should the networking guy who should have offloaded the sensitive data to a computer not connected to the Internet. This is what I consider unforgivable incompetence.

Ugh! (1)

mschaffer (97223) | more than 3 years ago | (#34765540)

I just love our government.
So how long until they try to blame this on Wikileaks or Assange?
