×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

European Parliament Computer Network Breached

CmdrTaco posted about 3 years ago | from the breach-the-breach dept.

EU 47

Orome1 writes "The computer network of the European Parliament has been targeted by a cyber attack that may or may not be linked to the attack against the European Commission and the External Action Service networks that took place a week ago. According to the Parliament's spokesmen, the attack was still ongoing yesterday morning and information technology services have put in place some security measures — such as blocking access to webmail."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

47 comments

Why not government by computer? (-1)

Anonymous Coward | about 3 years ago | (#35667422)

One of the big arguments against open source governance is the idea that it could be hacked.

But if Parliament can be hacked, and if election systems can be hacked, then why is it a problem if maybe, just possibly, open governance systems could be hacked? (Though they use a more distributed and open architecture, so probably are less vulnerable.)

Now they block access? (4, Informative)

jhoegl (638955) | about 3 years ago | (#35667434)

Webmail is one of the worst offenders in getting viruses. My brother works at a company that sells computer equipment and they had so many problems because their sales agents were clicking on all kinds of stupid shit in their personal email accounts.

I always blocked personal email unless it was expressly allowed, and even then I told the user one issue and its turned off.

I dont care if these are public officials. They want their public email, get it on their phones or somewhere else! I got shit to secure son!

Re:Now they block access? (1)

sandytaru (1158959) | about 3 years ago | (#35667624)

My favorite is the fake UPS invoices. "Hey, we have an invoice from a recent UPS packed that was shipped to you. Click the attachment to see it!"

Re:Now they block access? (1)

GregC63 (1564363) | about 3 years ago | (#35668504)

After being repeatedly warned... I've had 2 users do that just yesterday. Dumbasses...

Re:Now they block access? (1)

KhabaLox (1906148) | about 3 years ago | (#35669104)

So did my boss. Though in his defense he was expecting an email from UPS. Luckily MSSE caught it and neutralized it completely, as far as I can tell. I ran a DDS log which looked clean, and an F-Secure online scan came back with only tracking cookies.

But shouldn't Win7 and no admin rights go a long ways towards negating these types of malware?

Re:Now they block access? (2)

GameboyRMH (1153867) | about 3 years ago | (#35670456)

But shouldn't Win7 and no admin rights go a long ways towards negating these types of malware?

That keeps it from rooting the system, but a virus can still run with the user's privileges.

Re:Now they block access? (0)

Anonymous Coward | about 3 years ago | (#35671212)

Why the fuck are downloads and attachments given
execution writes in windows? it is really just silly,
when using Linux execution rights have to be explicitly given,
Why are we in 2010 and the latest version of M$ products just run (predominantly) VB code downloaded from an untrusted source willy nilly.

Really why why why. Is it so I have to fork out cash for anti-virus to check the shit that was downloaded wasn't some sort of virus?

Re:Now they block access? (1)

cavreader (1903280) | about 3 years ago | (#35673356)

I believe there are app config settings where you can alter the way programs are executed if you want to. You can also configure the user permissions to limit any potential damage. The biggest security risk in any OS is the user. Trying to lock down the entire OS can also cancel out some of the legitimate functionality.User vigilance and awareness is the best protection against getting a virus. The people creating the viruses and bots are really good at identifying OS weaknesses even when you are running an anti-virus program.

Re:Now they block access? (3, Insightful)

MrLint (519792) | about 3 years ago | (#35667758)

Heres a hint, don't let the user be admins. Then they can't brake out of their account.....

and yes users are stupid. I had one guy who got a mail from USPS, about his Fedex tracking number on his expressmail delivery. He downloaded and opened and ran a zip file. When I asked him if he was expecting a delivery he said 'I dont know'.

Re:Now they block access? (2)

Opportunist (166417) | about 3 years ago | (#35667870)

This is a good idea from a technical point of view. Until you get a boss that tells you in no uncertain terms ("do it or be fired") that he NEEDS admin access to his box.

Now multiply that ego by a million and you are at a politician.

Re:Now they block access? (1, Insightful)

L4t3r4lu5 (1216702) | about 3 years ago | (#35668042)

That's not how it works. A politician is not your employer, the government is. A politician has no hire-and-fire control over staff outside of politics, even if they have that power at all (which I wouldn't think they do).
 
Working in the public sector myself, though not politics, I have no problem telling my employer that they cannot have admin access to their local machine, and certainly not to the domain, unless they sign off that they accept that I am released from any and all responsibility under the Data Protection Act. If the choice at that point is breaking policy or losing my job, I choose losing the job. In the UK, it's up to £0.5m personal fines and 6 months in jail for data protection breaches. Fuck that.

Re:Now they block access? (2)

Qzukk (229616) | about 3 years ago | (#35668636)

A politician has no hire-and-fire control over staff outside of politics, even if they have that power at all (which I wouldn't think they do).

Oh no, of course not, he could never fire you. Of course, it would be a shame if the department's budget was cut to $10. Of course, the politician would probably want to run that by your boss and get his input on the matter, to make sure the right cuts were being made.

Re:Now they block access? (2)

KhabaLox (1906148) | about 3 years ago | (#35669146)

It seems to me there was a government sys admin in San Francisco that stood up to his bosses and ended up in jail. OK, so not exactly the same situation, but still....

Re:Now they block access? (2)

AC-x (735297) | about 3 years ago | (#35667922)

Heres a hint, don't let the user be admins. Then they can't brake out of their account.....

Except in cases of privilege escalation exploits, and there's plenty of snooping that can be done by a program running under a user's context. I'm pretty sure most large corporate networks have all their non-techy users locked down, but that doesn't mean people can't still hack in through a non-admin account.

Re:Now they block access? (1)

MrLint (519792) | about 3 years ago | (#35668164)

Oh indeed exploits are always an issue. However, at least in the place I work, anyone who wants admin is give it, with the most flimsy of reasons to the most incompetent people. So I just sit and wait for the train wreck.

Re:Now they block access? (1)

Culture20 (968837) | about 3 years ago | (#35668436)

And the userland driveby downloads can sit in the background, schedule themselves to run on boot up/log in, regularly download new exploit attempts (just before patch tuesday), or act as bonnet members for ddoses, etc.

Re:Now they block access? (2)

malkavian (9512) | about 3 years ago | (#35668202)

Deceleration doesn't affect computer security. That aside, users aren't stupid (in the main). They just aren't entirely sure what a computer will or won't do. The same as I'm not quite so sure I could do the job my system users perform (i.e. surgery, anaesthetics, haematology etc.). Part of my job is to make sure they're as safe as they can be in doing their job, while still allowing them to do it.
There are so many infection vectors (compromised web sites, including the occasional high profile one, webmail, mail that makes it past the filters for the local mail servers etc.) that to blame it all on "stupid users" is completely unfair, unwarranted, and incorrect.
Lack of admin on a machine doesn't mean that nothing can be done. After all, what's a crack from outside your site? Oh, can't be done because they don't have admin when they start looking? Course it can. Cracking is all about privilege escalation, just having someone execute something from an existing shell cuts out a lot of the hard work.
As the the guy with the tracking number.. Wouldn't be the first time that an old 'lost' parcel got unearthed, and I've heard from the courier that there's new activity.. "I don't know" to the question of whether he's expecting a delivery is absolutely correct. You don't know 'till you look. However, to know to look safely, you need to know more about computers. That's where your training hat comes in (you have trained your users how to look for extensions on files, and what they mean, haven't you? That should be a basic security point. You've told them what these files do, right? If not, that's your problem as the professing expert, rather than theirs as users who rely on you to do what they know how to do).

Re:Now they block access? (3, Insightful)

jhoegl (638955) | about 3 years ago | (#35668242)

You assume the user cares, and would listen to you.

You assume wrong.

Re:Now they block access? (1)

malkavian (9512) | about 3 years ago | (#35670142)

No, I don't assume at all. Just part of my remit to make sure they have a fair stab at doing the right thing. By and large, they do. No such thing as perfect, it's all risk mitigation.

Re:Now they block access? (1)

Opportunist (166417) | about 3 years ago | (#35668026)

I'd wonder why webmail access was available in the first place. Isn't there some requirement for auditability of their mail? I mean, they're public servants, isn't that like opening a backdoor for shady deals?

Aside of that, one of the FIRST things I recommend during a security audit is to disallow any mail traffic but auditable and company owned systems, on all levels. Usually it is trivial to get it done for the lower echelons, but the resistance at C-level is crippling. In other words, yes, we'll do it for our worker drones, but WE need our webmail for ... erh... WE NEED IT, ok? Shut up, consultant, we're the ones signing your invoice, so hush!

Telling them that security is a matter of the weakest link doesn't help much either.

Re:Now they block access? (1)

jhoegl (638955) | about 3 years ago | (#35668140)

I hope you document their response and have them sign off on it.
One of the biggest concerns is that their policies can be pushed back on you. As if it is your fault you told them and they didnt listen.
But yes, I also lock down port 25 for everyone except vital systems.

Re:Now they block access? (1)

Opportunist (166417) | about 3 years ago | (#35668262)

Of course, and of course they sign it off without a problem. Why not? It doesn't threaten their ability to get the certificate they're aiming for (yes, a security cert does NOT certify that you're secure, only that you have evaluated the risks, if you choose to ignore them, so be it), so why shouldn't they sign it off? It IS very funny sometimes, though, to read how they justify their "need" for webmail or access to certain pages (e.g. facebook) that MUST NOT be accessed by anyone else in the company for the huge security risk associated.

Re:Now they block access? (1)

Teun (17872) | about 3 years ago | (#35669236)

Members of the European Parliament are elected representatives from 27 different countries, each with their parties and own mail systems.

The Parliaments own mail system likely only handles a fraction of the total mail.

Re:Now they block access? (2)

EvilAlphonso (809413) | about 3 years ago | (#35669522)

The article isn't very clear but, having worked there, webmail would probably refer to Outlook Web Access...

Re:Now they block access? (1)

Nefarious Wheel (628136) | about 3 years ago | (#35671450)

This is all beginning to look like the cyber wars in David Brin's "Earth". I think I'll take that one off the shelf again, deserves a re-read.

Hacker Skill (2, Funny)

Ancantus (1926920) | about 3 years ago | (#35667462)

'This is not a couple of teenage boys hacking into the [EU] institutions,' said an official.

But it could be the work of a person with the skills of 1,000 hackers [slashdot.org].

Re:Hacker Skill (3, Insightful)

fuzzyfuzzyfungus (1223518) | about 3 years ago | (#35667498)

Yup. It would be embarrassing if it were a couple of teenagers breaking in, therefore it is not a couple of teenagers breaking in.

Perhaps it is the same mysterious "Advanced Persistent Threat" that hit RSA a little while ago...

Skills of 1000 Hackers (1)

dkleinsc (563838) | about 3 years ago | (#35667876)

(apologies to Wilson Pickett)

Got to hit the IP like Tim Berners-Lee.
Mash the keyboard, set up the d-words.
See if its a MIPS, get to backbone from SLIP
Find the SSH key like the great Trinity
Hey! Uh!

Na na-na-na-na na-na-na-na-na-na-na-na-na-na na-na-na-na
I need somebody to help me type it one time
(Na na-na-na-na na-na-na-na-na-na-na-na-na-na na-na-na-na)
Wo--ow!

Re:Hacker Skill (0)

Anonymous Coward | about 3 years ago | (#35672728)

I think Canada may be involved.
We suspect their leader is a Sith Lord.
http://www.youtube.com/watch?v=nbZjGGWk528

Open source == fail (-1)

Anonymous Coward | about 3 years ago | (#35667544)

Isn't the EU powered by Loonix? Monster fail for open sores!

I Blame the Secreteries (2)

jimmerz28 (1928616) | about 3 years ago | (#35667604)

I'd venture a guess that a lot of the secretaries are on coupon websites. Downloading and allowing god knows what to run.

Re:I Blame the Secreteries (2)

kvvbassboy (2010962) | about 3 years ago | (#35667696)

Even if this was true, the sysadmin, whether Windows or Linux, wouldn't have provided permission to just run something with write-access to root. I am sure it would have been more sophisticated than that.

Re:I Blame the Secreteries (2)

Opportunist (166417) | about 3 years ago | (#35667880)

Most likely he has, because most likely he was told to.

I worked for a while for politicians. If you think your boss has an ego that needs its own office, you never worked for one. OF COURSE he, his secretary and his dog need admin privileges. How dare you expect to be allowed to do more on the computer than him?

Good! (1)

Anonymous Coward | about 3 years ago | (#35668328)

I hope whoever did this grabbed all documents they could find and will be putting them on WikiLeaks or whatever. This is the only way we'll ever see any kind of transparency in EU goverment.

IS WIKILEAKS AT IT AGAIN?!? (0)

Anonymous Coward | about 3 years ago | (#35668354)

IS WIKILEAKS AT IT AGAIN?!?

Send in the Operative (0)

Anonymous Coward | about 3 years ago | (#35668516)

"In certain older, civilized cultures, when men failed as entirely as you have, they would throw themselves on their swords."

idiots (1)

Anonymous Coward | about 3 years ago | (#35669840)

I cant believe all the half ass comments here for a tech discussion. This is going on with a broader spectrum. Shame on /. and shame on this userbase. Amazing how some are unwilling to connect the dots, and submit good journalism / editorials.

here an example: http://www.wired.com/threatlevel/2011/03/australian-pm-hacked/

br- an old reader

Verify? (1)

Ceriel Nosforit (682174) | about 3 years ago | (#35676856)

I can't trace the source of this news. TFA mentions "an official", but who and where are a mystery. The websites of the EP and the EC make no mention of this.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...