×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Extent of Government Computers Infected By Bots Uncertain

Zonk posted more than 7 years ago | from the they're-looking-into-it dept.

96

Krishna Dagli writes to mention findings by the company Trend Micro on the extent of bot infection in U.S. Government computers. The article by Information Week indicates that, while the 'original' findings were much harsher, the security vendor has since backed down from some of its claims. Still, the extent to which information-stealing software has penetrated our national infrastructure is enough to take note. From the article: "While it may be tempting to discount the warnings of security vendors as self serving--bot fever means more business for Trend Micro--there's unanimity about the growing risk of cybercrime. In its list of the top 10 computer security developments to watch for in 2007, released last week, the SANS Institute warns that targeted attacks will become more prevalent, particularly against government agencies. 'Targeted cyber attacks by nation states against U.S. government systems over the past three years have been enormously successful, demonstrating the failure of federal cyber security activities,' SANS director of research Alan Paller says in an e-mail. 'Other antagonistic nations and terrorist groups, aware of the vulnerabilities, will radically expand the number of attacks.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

96 comments

No Problem... (1, Funny)

Scoth (879800) | more than 7 years ago | (#16335137)

Just get some draino for those tubes!

Re:No Problem... (1)

sanguisdev (918861) | more than 7 years ago | (#16335827)

don't you wish the Internet was more like a dump truck, you could just wash it down w/ a good stream of water when it got to dirty. the the Series of tubes that is what the Internet is made up of needs a very special pipe cleaner called, firing the person using the Gov box to surf in site that have bots for adverts. and then to top it all you need to get a filter to catch all the pubic hairs(bots),that come off while computing w/o pants on. that damn series of tubes. so hard to maintain

Not only governments, but enterprises at risk (0, Insightful)

Anonymous Coward | more than 7 years ago | (#16335155)

Most of cybercrime is just the ole criminal activity for financial gains. This is often underestimated.

http://www.verkiezingen2006.nl/ [verkiezingen2006.nl]

Other antagonistic nations? (1, Insightful)

Anonymous Coward | more than 7 years ago | (#16335183)

'Other antagonistic nations and terrorist groups, aware of the vulnerabilities, will radically expand the number of attacks.'"

You mean anagonistic nations other than your own?

Hey (-1, Troll)

Anonymous Coward | more than 7 years ago | (#16335187)

Just STFU you damn Jews.

Why, that means (4, Insightful)

Geminii (954348) | more than 7 years ago | (#16335193)

- we have a new excuse for legalising illegal wiretapping and making it mandatory for Americans' PCs to spy on their owners! Because if we don't, those strangely elusive terrorists will have won. Again.

Re:Why, that means (1)

Doc Ruby (173196) | more than 7 years ago | (#16335917)

That would mean holding government people to the same laws as civilians. When do we do that?

Wouldn't it be fitting... (1)

HikingStick (878216) | more than 7 years ago | (#16335195)

Wouldn't it be fitting if TM discovers, after its review of those 6TB of data, that the majority of bots are operating from within their own network, and from within those of their peers in the security industry. It would be a fitting irony.

Re:Wouldn't it be fitting... (2, Insightful)

Hijacked Public (999535) | more than 7 years ago | (#16335315)

But they would never 'discover' that, because they can't sell themselves or their peers security software. A more newsworthy headline, even aside from the fact that 'Extent of Government Computers Infected by Bots Uncertain' really has no relevant meaning at all and anyone who paid to get a report with that title should demand a refund, would be if a security software company audited someone's machines and reached the conclusion that no, you do not need to buy anything from us.

Granny != Uncle Sam (2, Interesting)

Rob T Firefly (844560) | more than 7 years ago | (#16335207)

Insert the standard grumbling about government mismanagement and IT provided by the lowest bidder, but this is really extra sad. If people like me can keep bots off our grandmothers' computers for the low, low price of a smile, a hug, and some melted sweets which date back to the Carter administration, why can't the people who built the damn Internet manage?

Re:Granny != Uncle Sam (2, Insightful)

rwhamann (598229) | more than 7 years ago | (#16335359)

Because many of Uncle Sam's employees have the tech skills of granny. Just like a home users, convenience often trumps security - "don't break the mission!"

Re:Granny != Uncle Sam (2, Interesting)

rahrens (939941) | more than 7 years ago | (#16335561)

"No generalization is worth a damn, including this one." - Oliver Wendell Holmes.

Neither is yours.

I work for a Federal agency (see my post below) and we have a large number of skilled IT workers (some as contractors, some as Feds) that diligently keep our network up, running, as as safe as several million dollars a year can manage.

For your (and the parent poster's) information, it is not as easy to manage millions of computers spread over the entire globe and keep them as safe as your granny's PC. If you think it is, then you need to find another profession.

Every Department is separately managed and funded. They all have different tasks, goals and operational requirements. Funding is and has been for years, getting slimmer and harder to come by. Virtually every government agency is underfunded just for core operations, never mind little things like computer operations.

If you think this is easy, then try working with us for a while; you'll not be so glib in just a month.

Re:Granny != Uncle Sam (0)

Anonymous Coward | more than 7 years ago | (#16335749)

If you think this is easy, then try working with us for a while; you'll not be so glib in just a month.
I think it could be easy if the bobos in charge actually had any interest in getting things done the right way. It's not your fault you're in bureaucrat hell in a department that the suits up front don't even like to admit to needing. They're the ones with growing up to do, maybe some day they'll actually realise what it takes to run networks without cheaping out on the skilled people necessary or forcing them into nonproductive procedures. If that ever happens, you and your compadres can be as glib as you want, because shit will actually be working for a change.

The OP's granny knows the right way to do things - get someone skilled and trustworthy in to handle it,in the way they know how best to do it. She could teach the gov quite a few things, if they weren't so bent on trying to look like they know everything when really they're still thinking it's all magic tubes that should "just work."

Re:Granny != Uncle Sam (2, Interesting)

rahrens (939941) | more than 7 years ago | (#16336515)

I think you need a reality check.

The US government is a large, diverse entity with over a million people working for it in places all over the world. It takes a lot of money to make it work, and as with any government, that money has to be coerced out of the population by law; You don't pay for services, mostly, as you would from, say, your local air conditioning service company.

In a lot of ways, I agree that many of the people, especially in Congress, fit your characterization, as do a few government managers. But by and large, most do not.

Sure, there are managers that don't always focus on the right ways to do things, often becasue they're looking in the wrong direction at the wrong time. But under the current fiscal constraints the government is working under, almost all agancies are working under very tight monetary conditions. It isn't easy for many agancies to just do their core mission, much less things Congress considers fripperies.

As always, it isn't easy to get the management to understand what we in IT need in order to do the job that they ask of us. They are not, after all, technically oriented. We, on the other hand, are technically oriented, but not always able to properly communicate to them in language they understand just what we need. So the wheel turns, and things some time go to shit.

But guess what? Things do that in private corporations, too! Or don't you read the news?

if you want to gripe, gripe about managers everywhere, not just in government.

If you'd read my posts, you would see that in my agency, the management is actually paying some attention to us, with good, predictable results.

Re:Granny != Uncle Sam (1, Insightful)

Anonymous Coward | more than 7 years ago | (#16336533)

For your (and the parent poster's) information, it is not as easy to manage millions of computers spread over the entire globe and keep them as safe as your granny's PC. If you think it is, then you need to find another profession.

If it isn't easy then you shouldn't do it. Seriously. If *you* find it hard to to manage millions of computers, then you shouldn't be managing millions of computers. Nobody should. No one person should be directly managing more than a few hundred or thousand computers at most and then they should be using the appropriate software tools. I know what you meant, but it is important to be clear about who is responsible for what in an organization as big as the US government and the associated institutions.

This isn't a problem of computer security, but a management issue. Delegation of authority is what management is about. The problem of keeping some computers and a network relatively secure is not the problem. It is putting a management system in place to be able ensure uniform best practices across the bureaucracy which is at issue. It seems far too easy for networks of hundreds or thousands of computers to go without appropriate computer security personnel for extended periods of time. Transitions are also a problem, with computer security being a very unrewarding area it seems that people are moved around with some frequency. There is nothing about computer security that is inherently hard, but the difference between good management and bad management is so little that it is hard to tell the difference until the effects are felt some time later.

Re:Granny != Uncle Sam (1)

rahrens (939941) | more than 7 years ago | (#16336645)

I can see you don't know much about your own government, if you are American.

What part of "large" and "diverse" don't you understand? The US Government is comprised of a number of cabinet level Departments, each of which is separately managed and funded. That means nobody is managing more than you said. Some Departments even are sub-divided, such as the DOD, making it even less centrally managed. Don't put words in my mouth.

What I said wasn't a complaint, it was a statement of fact. It meant that the task isn't the same as managing your granny's PC, so you can't compare the two. It wasn't about "me", either.

So the management environment in the Federal Government is going to be mixed. Some are better managed than others, obviously, judging by the results we see.

The issues you relate in your second paragraph are true, and common to any large organization. So read the news, and realize that these problems are comon to all sectors of the economy. This article just focused on the Feds, but since we use the same technology as the rest of the world, we will face the same issues.

Re:Granny != Uncle Sam (1)

boyfaceddog (788041) | more than 7 years ago | (#16335801)

Interesting and true (sorry, no mod points right now).
As someone who has worked for a government agency before, I can vouch for how cash-strapped these places really are. Money goes to wages and health care and very little is left for other things. Granted, the USA Government should do a better job, but given the amount of red-tape involved in contracting the IT dept (clearances, call-out times, safety assurances) it is a wonder the PCs work at all.

It would be great if we could all go into the government with our skills and tools and just fix things, but we'd never get clearance to work on the PCs. Its a catch-22 that we don't need clearance to infect a government PC and steal the data, but we need it to fix the PC and keep other people out.

Re:Granny != Uncle Sam (1)

mac84 (971323) | more than 7 years ago | (#16336697)

The people that built the damn internet don't manage the systems any more. Take a gander at OMB Circular A76 (for those that don't know and don't care to llok it up, it's a directive from the Office of Mangagment of Budget that directs agencies to contract out for their help). Bid out all your IT administration to the low bidder and see what happens. Right now if the agency I work for buys me a new Dell, the IT contractors may get around to configuring and installing it for me within six months. It's obsolete before it ever makes to my desktop. And they won't give a senior level electrical engineer administrative rights to his own desktop, so you can't do it yourself.

Bots accounting for questionable browser habits (2, Insightful)

Neil Watson (60859) | more than 7 years ago | (#16335209)

How many of these bots are there to generate hits for porn sites thus making the employees look bad?

Re:Bots accounting for questionable browser habits (1)

Plutonite (999141) | more than 7 years ago | (#16335405)

Good point. Maybe this [slashdot.org] has been slightly exaggerated then, and I don't have a reason to be so pissed at the govmint people after all.

 

It's the bureaucracy that's the biggest problem (5, Insightful)

elrous0 (869638) | more than 7 years ago | (#16335223)

As someone who has worked in government IT, I can tell you that the biggest problem that we faced security-wise was the bureaucracy of the government. Want to hire a consultant, buy a piece of security software? Then you have to go through the long and arduous procurement process (forget any nimbleness or adapatability). Want to fire someone who is incompetant? Forget it (firing anyone is a HUGE pain in the ass, especially in the federal system). What you end up with in government IT (and, hence cyber-security) is often a bunch of guys used to doing the same thing every day; never learning anything new; who have grown burned-out, disenchanted, and cynical with the whole process.

-Eric

Re:It's the bureaucracy that's the biggest problem (1)

P3NIS_CLEAVER (860022) | more than 7 years ago | (#16335505)

The biggest problem is that people mention 'goverment computers' with this huge blanket statement. Goverment agencies are not connected to each other (except by the internet) and they are all run differently, with different policies and safeguards. Different sites might not even be connected in the same organization. There may be vulnerabilities in certain areas but they aren't necessarily systemic.

Local govt IT sysadmin here... (0)

Anonymous Coward | more than 7 years ago | (#16335707)

I'm the systems admin for a medium-sized city govt in the southern US. Please don't paint all "govt" IT ops with a broad brush. Yes we have a cumbersome bureacracy imposed over us, but we have a crew of very sharp folks working in our department and are able to keep all our systems updated to the latest performance and security standards in spite of the PHBs. I dare say, we probably run a tighter ship here than many high-tech private sector corporations. We use Linux and open source stuff extensively to secure our networks (mostly Winblows on the inside, due to the problem that all app vendors only write for MS anymore), but Linux-based firewalls and security monitoring solutions, plus the fact that we don't allow direct routing between our inner and outer networks, keeps us very safe and we've never had a break-in or a major virus/worm/trojan/malware problem EVER in the last decade since we first connected to the public Internet. We are constantly learning new stuff every day, and always have some new systems project in the works to modernize or expand our systems, so our people are always in a state of training for the new technologies.

Re:It's the bureaucracy that's the biggest problem (0)

Anonymous Coward | more than 7 years ago | (#16335909)

Pssst. This is slashdot, maybe you didn't get the memo, but the government is the solution to every problem. The bots are only there because Bush is a moron and because Karl Rove is secretly using the bots to dupe the American public.

STFU, fascist (0)

Anonymous Coward | more than 7 years ago | (#16336651)

We don't need goose-stepping Nazis here that want to impose a white power theocracy on the world.

Re:It's the bureaucracy that's the biggest problem (0)

Anonymous Coward | more than 7 years ago | (#16336953)

I worked as a sysadmin, as a government contractor, for 6 years until I escaped. I certainly have to agree that bureaucracy is a pain, and they don't get rid of dead weight fast enough (which leads to spreading rot, as only the mediocre remain), the biggest problem for me was mandates without funding. We had an enormously expanded security burden since 2001, but little money to fund it.

For me, this was an opportunity. Don't want to pay another agency $40,000/year for vulnerability scans on 250 computers? I'll build Nessus, and provide the reporting for free (or under my regular salary). Increased concern about unauthorized access? I'll build a snort box, and check the traffic. I learned a bunch of hands on stuff that way.

The other big bureaucratuic problem was the constant struggle for more power between managers. I worked at a site away from D.C., but my Cabinet level organization's CIO decided she wanted to centralize IT in D.C. I left before my site was borged, but what I've been hearing is that the centralization and power grab is halted, because they ran into a bunch of problems and couldn't pull it off. Unfortunately, this happened after many man hours of work were wasted.

And Yet Still Windows (5, Insightful)

blueZhift (652272) | more than 7 years ago | (#16335229)

I know it's always fashionable to bash Windows here on /., but stories like this really do beg the question of why the government is not seriously looking at a more secure operating platform. In particular, while Linux is not perfect, it would be much less likely to fall prey to the ills that are epidemic on Windows without much, if any, added cost post transition. I suppose someone will have to die before getting off of Windows is seriously considered, if even then.

Re:And Yet Still Windows (1, Insightful)

Anonymous Coward | more than 7 years ago | (#16335457)

HA

Do you know what govt agencies have to go through to approve an upgrade from Word 2000 wo XP? And you want them to change a whole OS? hahahahah! Nottice I said "approve". They can buy the stuff all day long, but can't install it without jumping through 1000 hoops. :)

Re:And Yet Still Windows (0)

Anonymous Coward | more than 7 years ago | (#16335477)

I say this all the time - the response is always the same - I canhold MS responsible when somethig happens - there's noone to hold responsible when OS breaks. I've been trying to get Firefox authorized - no dice.

Re:And Yet Still Windows (1)

ibbo (241948) | more than 7 years ago | (#16335971)

Bloody hell you would think they would promote an OS that such vulnerabilities were hard to work on. I am flabbergasted that red tape can prevent such a common sense solution.

But then i suspect MS and the US gov are in bed together anyway.

Re:And Yet Still Windows (0)

Anonymous Coward | more than 7 years ago | (#16338485)

You can't hold Microsoft responsible. Read the EULA.

Support for Firefox
InfoSpan (http://mozilla.infospaninc.com/mozilla%20-%20Mozi lla%20Support.htm) - Telephone support at 1-888-586-4539 is available for Firefox 0.9 and above, Thunderbird 0.8 and above, and final Mozilla release versions 1.5, 1.6, and above. $39.95 per incident.

Getting Linux bugs fixed
Just report the bug. Even without paying anything, it'll probably get fixed. Just like with Microsoft.
If you pay RedHat or someone else for support, it will get fixed. Just like Microsoft's extended support options.

Re:And Yet Still Windows (2, Interesting)

enharmonix (988983) | more than 7 years ago | (#16336055)

In particular, while Linux is not perfect, it would be much less likely to fall prey to the ills that are epidemic on Windows without much, if any, added cost post transition.

I am not convinced that OSS is really all that more secure than closed-source software. Not saying Windows is not vulnerable (otherwise we wouldn't be having this discussion), but let's be realistic here. The cheif advantage to OSS is the peer-review process, but in a large company like MS, peer review is probably mandatory as well. If you actually look at some of the technology coming out of Redmond, it's not a thousand monkeys banging on keyboards.

I think the real reason that you see so many security vulnerabilities is because you have experts (not just script kiddies, but blackhat experts) trying to break into Windows on a daily basis. Now ask yourself, how many people really concentrate on inflitrating Linux? Yeah. Not that many. The main (but certainly not only) reason Linux is so secure is that people just don't bother exploiting it. The same argument people use about Mac security applies here as well. If Linux took over 90% of the world's desktops and was used to in the majority of US government infrastructure, I bet you'd see a disproportionate number of vulnerabilities and exploits of Linux. Brain teaser: Would Windows be more or less secure if malware authors had access to the Windows source code?

Anyway, I'm not trying to start a flame war by saying Linux's security <= Windows' security. Another of Linux's strengths (and a weakness as well) is its diversity. An exploit will probably only work on a fraction of the boxes exposed. But with One Distro To Rule Them All (i.e., Windows XP, with Automatic Updates), you've got near zero diversity in the genepool. To ensure maximum application compatibility, MS has also ensured maximum malware compatibility. So I think the answer to the Fed's (and public's) problem with malware is to diversify the computing environment.

Re:And Yet Still Windows (2, Insightful)

Sloppy (14984) | more than 7 years ago | (#16336357)

I think the real reason that you see so many security vulnerabilities is because you have experts (not just script kiddies, but blackhat experts) trying to break into Windows on a daily basis.

That may be an aggravating factor, but it's definitely not the main problem. Windows' biggest problem isn't just that it's proprietary software -- it's that it just plain sucks even within the realm of proprietary software. It's the one platform where

  • Web browser was designed to download and execute binary code from web pages. I'm not talking about accidents and bugs like buffer overflows -- I'm talking about an intended feature. It's horrifically dangerous on purpose.
  • Mailreader executes attached scripts (supposedly this is mostly fixed nowdays?)
  • Word processor and spreadsheet execute macros when loading document -- and those macros can do just about anything.

These aren't merely bugs that Microsoft failed to catch before the product shipped. Free vs proprietary software issues aside, Windows is dangerous by design. It's not just about lack of peer review or poor code quality. It's about trying to serve interests other than the users'. Switching to anything, even other proprietary systems, would almost certainly be better, because the above "features" are things that nobody else would dare to implement.

If another platform were as dominant as Windows and there was still a lack of diversity, the situation wouldn't be as bad. Whether it were free software such as Linux, or a proprietary system such as MacOS, you'd still have a different situation. Bugs would still exist, and vulnerabilities would still be found. But the software wouldn't be designed to treat external (and therefore potentially hostile) content as executable code. You just can't do worse than Windows.

Re:And Yet Still Windows (1)

Rick17JJ (744063) | more than 7 years ago | (#16341173)

I don't entirely disagree with enharmonix's point about Windows being a more widely used target, but a large percentage of all webpage servers already do run Linux and already exist in large enough numbers. I do not work in the computer field, so I don't know how Apache webpage servers running on Linux compare to Windows IIS webpage servers, but why aren't there any Linux viruses or worms designed for them. I use Linux on my computer at home and it is still almost unheard of for a Linux computer to get infected with viruses or worms. Furthermore, I have never heard of a Linux user that got spyware from visting a website or from clicking on an email attachment. With all those Linux webpage servers out there why hasn't anyone yet been able to develop a Linux virus that is actually capable of circulating in the wild? Most Linux programs, users and background services run with limited permissions. There is also a lack of support for webpages and email attachments that use Microsoft's ActiveX technology. The various Linux browsers and email programs also don't automatically run executable code like Windows sometimes does.

There is also greater genetic diversity in Linux. As enharmonix also mentioned "an exploit will probably only work on a fraction of the boxes exposed." Linux users use a variety of browsers, email programs, package management systems and different versions of the kernel compiled with differently with different options. By comparison Windows is an inbred monoculture.

This is not to say that Linux is perfect, security patches are usually downloaded regularly, unnecessary services generally are not run and of course a firewall on a router or the computer is nearly always configured to block as many unneeded TCP/IP ports as possible. Various other things should be done too, but not being a computer professional I won't try to suggest what. I wonder how Vista will compare? With almost unlimited money, time and a large number of the worlds best programmers I am surprised that Microsoft hasn't already solved most of their security problems by now.

Re:And Yet Still Windows (1)

Millenniumman (924859) | more than 7 years ago | (#16343459)

The main (but certainly not only) reason Linux is so secure is that people just don't bother exploiting it.

That's not true. Linux has a significant market share for servers (%30, I believe). It is hard to exploit.

The reason Linux/BSD/OS X is more secure than Windows is because security was a larger factor in its design. It is very difficult to secure a huge software product that wasn't designed to be as secure in the first place.

Re:And Yet Still Windows (1)

maddskillz (207500) | more than 7 years ago | (#16336089)

The problem is, the employees will not be able to use it. To us, using one operating system or another isn't really a big deal, but to your average office worker, it's a huge shift.
I have seen users struggle to use XP after learning windows 2000. To the average computer person, there is no learning curve, but to these users, it's completely different.
Now, try and do the same thing with an operating system that is truly different...

Re:And Yet Still Windows (0)

Anonymous Coward | more than 7 years ago | (#16338227)

I'm so tired of hearing this argument. If IT sets up the Linux pc's with a standard setup (using KDE) for all users with all necessary software pre-installed I doubt "your average office woker" will notice anything more than that the start button and the screen looks a little different. They might not be able to install their favorite spyware laden screensavers and the like but from IT's point of view that's a plus anyway.
Most struggle along with the default setups in whatever software they're using despite the fact that 5 minutes of simple tweaking would make their day to day use of the software much easier. They click on an icon to start their programs and save files wherever that program saves them by default. If the icon is gone a lot of users can't find their programs in the start menu.
Switching to Open Office or KOffice or some such won't be that big a deal. Only a tiny percentage of Office users use anything more than the simplest of features. Hell, most older accountants would still be using Lotus 1-2-3 for DOS if it hadn't been taken away from them.
I had trouble getting users to switch from IE to Firefox until I changed the icon from the Firefox icon to the blue e. After that there was almost 100% Firefox usage without my hearing any complaints.
As long as the company's main product software can run on Linux (that's a big if, I admit) or users can use something like VNC to access it the users shouldn't have any major issues running Linux. They might even really get to like some of its features. And IT will be much happier not having to deal with user caused security and/or performance features.

Re:And Yet Still Windows (2, Interesting)

Lumpy (12016) | more than 7 years ago | (#16336179)

Because they typically will not pay enough for competent IT staff and admins.

Government IT jobs are some of the lowest paying and have the absolutely lowest job satisfaction. Government does not want idea people, they want people that will do what they are told without question.

I know, I was there. Started my career as a Government IT employee. Hated it badly, and could not stand the supervisor that knew nothing about IT yet constantly micromanaged us, even telling us to do things that are insane-wrong then yelled when we did exactly what we were told screwed up something. I got my kicks out of listening to the council meetings where he tried to sound like he knew what was going on and knew his job while he threw around random acronyms. Many a public audience member snickered at thigs he said that were way off or nuts.

Funny part was I almost had him approve naming a new file server "PHUCK".... that last week there was the most fun I ever had :-)

Gawd working for Govt sucked, working Govt IT sucked even more.

Re:And Yet Still Windows Isn't really the problem (1)

Grand Facade (35180) | more than 7 years ago | (#16337517)

Just recently a report was made about how govt workers are wasting time on the internet, shopping, chatting, my space, and porn.....

Gee, I wonder how those bots got in the system? They didn't just cruize in and take up residence. THEY WERE INVITED!

Now if an limitation were installed that would not allow a luser to click OK, that would prevent that from occuring. However on the other hand call center tickets would double and luser satisfaction would decline if they were not allowed to install useless screensavers and fuzzy mouse pointers, or 19 internet search bars.

Luser education is the way, I have never been infected by any of these vermin. Mostly because I learned my lesson with the monkey virus from a floppy someone gave me in 1995. Most of the exploits were not around in the days I was mucking about learning about the internet by searching out the rankest porn (thank the gods). So I was spared from most of the misery, however I am very familiar with it from the other end as an admin.

If lusers were educated or if their privledges were limited the infection would be limited. The fact is that govt does not want to deal with the problem, IT depts are not allocated the resources to deal with the problem. They are not willing to deal with the political effects of limiting privledges (certain PHBs will demand sys admin privs and they are a source of infection). Another way of limiting the infections would be to route all outside traffic through a proxy with heavy filtering, again iliciting potilical backlash with slow access.

I don't really want to go draconian on them, but the wankers shouldn't be shopping or porning on my dime. Cut their nuts off. Clamp down on access and privledges however neccessary. Take away luser privledges now!

It's just the Patriot Act (2, Interesting)

Yfrwlf (998822) | more than 7 years ago | (#16335257)

Spying/eavesdropping/wiretapping? That's just the Patriot Act, come on. You guys made it legal yourselves, and now you're complaining when others do it back to you? Maybe I'm concerned about terrorists running this country, so I should be able to eavesdrop on all government communications. That's the same fantastic excuse you guys use, fair is fair.

Isnt just 1 bad (1)

dalewj (187278) | more than 7 years ago | (#16335347)

I hate to complain, but in certain places isn't just 1 hijacked machine considered to be, too many? If that 1 hijack is on a machine connected to personnel files, military files, or population files then the data that could be stoeln could be huge. I cn imagine someone who has purchased a million or so hijacked machines would try to use some interesting tools on every machine just to see if 1 or 2 of them show good secure government data.

This scares me, i don't care if its 1 machine or 10,000 machines.

Budget cutbacks and incompetence (4, Insightful)

RingDev (879105) | more than 7 years ago | (#16335367)

I used to work both as a consultant, and an LTE for a department of a state government. I did software development, all of our Network resources were managed by the Department of Administration (DOA, appropriately enough). DOA may have started out as a good idea, one centralized agency that maintained licensing, contracts, support, purchasing, etc... But cutbacks led to them continuously cutting pay and positions. By the time I left, the only representatives from the DOA that I knew of were two LTE college students, and one former manager who took a demotion to a tech position to stay employed (which just happened to bump one of the last skilled technicians out of the department).

Anyways, under their watch we had numerous security breaches. One of our servers was hosting a child porn collection and IRC channel. Another server had been crippled by viruses, and we had seen other signs of intrusion time after time. The child porn server was confiscated by the FBI when they tracked it down. They returned the server to the DOA when they had finished so that the DOA could learn from the breach and correct the security issue, but there was no one employed with the DOA who could identify the failure or what to do about it.

Anyways, my rough guess is that given what I've seen of state networks, I would think they are heavily botnetted. The other side of the public sector though, atleast the Marine Corps network, is a pretty impressive setup. I've seen those guys in action and I would be extremely suprised if there is a lick of traffic that escapes their pipes with out their express knowledge.

-Rick

Re:Budget cutbacks and incompetence (2, Funny)

Fr05t (69968) | more than 7 years ago | (#16335667)

"I've seen those guys in action and I would be extremely suprised if there is a lick of traffic that escapes their pipes with out their express knowledge."

I'm terrible with conversions, but isn't 1 lick approximately equal to 142 bytes?

Re:Budget cutbacks and incompetence (1)

RingDev (879105) | more than 7 years ago | (#16335737)

Unfortunatly, I'm not finding anything good on Google when searching for Lick to Byte. I could probably increase the responses by turning off safe search though...

-Rick

Re:Budget cutbacks and incompetence (0)

Anonymous Coward | more than 7 years ago | (#16336855)

I think you have it backwards. I'll use your numbers. Assuming 142 Licks to get to the center of a tootsie pop, this is the equivalent of one byte.

Don't bet on it (1, Insightful)

Anonymous Coward | more than 7 years ago | (#16335791)

The unclassified side of military networks can be just as scary as any other government IT network. I can't speak directly about the Marines, but I remember Code Red hitting the Army networks connected to NIPRNET real hard, compromising thousands of machines and generally making life difficult for those of us on the same connections.

It's like any other organization though - there's areas that are run exceedingly well, and areas that aren't. It's hard to generalize about anything as large and complex as government, or even military IT.

Re:Don't bet on it (3, Interesting)

RingDev (879105) | more than 7 years ago | (#16336519)

There were a few notables I saw while I was active duty in the Marine Corps as a 4067 (Computer Programmer). My first experience with the MITNOC was in Okinawa, Japan. One of the network/pc techs had put up a geocities page that had references to UNC paths inside the network. It worked great for him because he could go to any PC on any of the bases and get to all of the tools/software/installs he needed for most of his work. The links were only worth a damn if you could get into the network though. Unfortunately someone else (I believe it may have been 'Hackers for Girls') also discovered the links. The same weekend in 1998 that CNN was disrupted, the MITNOT (Located in Quantico, VA) noticed a huge flood of attacks on the Oki network. With in a few hours, the MITNOC had the website taken down, a mirror image of the PC tech's hard drive, his browsing history for the last 3 months (printed and digital), and 3 Marines on a plan to Japan.

Another notable environment I saw was one of the Office buildings in Quantico, VA. Each new building for the most part had it's own network design team that would configure the building prior to people moving in, and they would design and configure everything. Once the regular staff showed up, the design team would hand off control of the network to the local IT department. The guys at the Marsh Center had this down to a science. When I left Quantico, the only thing those networks would get out of their chairs for was to clear a printer jam or replace failed hardware. Everything else was locked down, automated, network pushed, and other whys control remotely. A truly beautiful environment for both the IT support team, and us developers.

-Rick

this takes $$$ time and energy (3, Informative)

rahrens (939941) | more than 7 years ago | (#16335391)

If an Agency is willing to spend the money, time and energy to put in place the protections that the typical Government information system deserves, this wouldn't be a problem.

My agency uses a multi layered defense to protect us against these issues. There are network level protections, PC level protections and desk-side support level protections. We also regularly send out warnings about current threats as well as require personnel to undergo annual IT security awareness training.

Individual PCs that are found to be broadcasting unknown signals to unknown or unverifiable outside destinations are removed from the network and reimaged immediately.

If, from a complaint to the help line, we find that a PC is infected with spyware, we don't even try to remove it; it is immediately reimaged.

We have instituted a locked down desktop policy; users are NOT allowed admin access except through application to a special committee for good business cases, based upon the use of special software that requires such access to run. We bend over backwards to alter those situations to avoid that access whenever possible.

Laptops are imaged using an image that is encrypted using a good encryption program that encrypts the entire hard drive using a 512 bit key, and NO laptops are allowed to be bought without going through our recieving process where that image is installed.

We have spent millions of dollars of your tax money in the last five years bringing this system online, but now that we have, we believe that we have as safe a system that we can get without just unplugging it or spending twice as much.

We don't have classified material, but we do have information that is confidential by law and must be protected from public release. (proprietary information belonging to firms we regulate.) This limits the measures we need to use, since classified material requires a completely different level of protection.

If the VA had used a system like ours, they would never have been embarrassed by the recent theft. The theft may still have occurred, but the information would never have been at risk.

It is not a perfect system, and it takes constant dilligence to maintain and periodically upgrade, but I think we do a pretty good job.

Re:this takes $$$ time and energy (1)

vertinox (846076) | more than 7 years ago | (#16335849)

So um... What exactly do we need to protect with all that security at the United States Forest Service?

Re:this takes $$$ time and energy (1)

rahrens (939941) | more than 7 years ago | (#16336231)

If you work for the Feds you know how the different Departments have differing tasks, goals and operational environments. I'm sure that your employees wouldn't like their SSAN's and other personal information open for all the world to see!

trojan task .. (1)

rs232 (849320) | more than 7 years ago | (#16336081)

.. multi layered defense .. network level protections, PC level protections and desk-side support level protections .. annual IT security awareness training .. reimaged immediately .. a special committee .. encrypted .. recieving process where that image is installed

Apart from this trojan task what else does the IT department contribute to your business.

"We have spent millions of dollars of your tax money in the last five years bringing this system online"

Ah, I see .. there's nothing like spending other peoples money. Do you mind telling us the name of this agency as you do seemed to have covered security better than the rest.

'Last night I had the same dream again.

I was walking along a beach littered in small stones.

I carried a basket filled with similar stones.

Every time I found one exactly the same I could put it down.', ???


was Re:this takes $$$ time and energy

Re:trojan task .. (1)

rahrens (939941) | more than 7 years ago | (#16336305)

Uh, what do you exactly mean by "trojan"? Our department isn't disguising itself as something it isn't, like a trojan is usually defined. We are integral to the FDA being able to do its job without outside interferance with IT operations.

I work for the FDA - the Food and Drug Administration, and we are part of the HHS.

If you work for anybody but yourself, you are spending someone else's money, so what? I like that, too, especially when they have more than I do (which isn't hard...).

Cute little poem, but what relavance has it to my post?

read a book .. (1)

rs232 (849320) | more than 7 years ago | (#16336885)

"Our department isn't disguising itself as something it isn't, like a trojan is usually defined"

The story goes that a war was fought by the Achaeans against the city of TROY for ten years. They built a Wooden Horse and hid in it until the trojans brought it into the city. Ergo trojan task refers to any Herculaen task.

"Cute little poem, but what relavance has it to my post?"

It's something similar to a quote from, I think, Grace Hopper [wikipedia.org] regarding braking codes in WW2. Now that was a real trojan task. She discovered the first computer bug, a moth caught in a relay.

was Re:trojan task ..

Re:read a book .. (1)

rahrens (939941) | more than 7 years ago | (#16337735)

Sorry, didn't relate the work 'trojan" with what is usually described with the (also) Greek name-derived word "herculean", which, I think is more often used to mean a large, difficult task. Usually the trojan war is refered to in modern literature as being related to the deceptive manner of the Greek entry into Troy, as in "Beware of Greeks bearing gifts".

I'd never heard of the poem, I'll look it up and read it, if that was just a snippit.

Re:read a book .. (1)

rahrens (939941) | more than 7 years ago | (#16338341)

..sorry, I meant "word" trojan...

fat fingers...bad eyes didn't see the error until after I hit submit.

The difference is (1)

RKBA (622932) | more than 7 years ago | (#16336895)

"If you work for anybody but yourself, you are spending someone else's money, so what?"

The difference is that only the government forcibly takes people's money under threat of imprisonment.

Re:The difference is (1)

rahrens (939941) | more than 7 years ago | (#16337823)

That's true, but people at our level don't have anything to do with either the coersion or the allocation of that money, now do we? I won't feel bad about that, after all, at least some of that money was mine! You ARE aware that Federal employees pay income taxes, too?

Does YOUR employer take money from your paycheck and then pay you with the resulting funds? Mine does!

Re:this takes $$$ time and energy (1)

Terrasque (796014) | more than 7 years ago | (#16337465)

Laptops are imaged using an image that is encrypted using a good encryption program that encrypts the entire hard drive using a 512 bit key, and NO laptops are allowed to be bought without going through our recieving process where that image is installed.

I was just wondering, how do you do that? Where is the key saved? Is the user required to type in a 512 bit key every time they start?

If it's saved in hardware, something along the trusted computing stuff, I can understand it. But how many laptops have that?

Otherwise, it brings me a feeling of uneasiness. Let me explain

If the user need to type the password :
  • Does the user need to remember the exact 512bit key (the hex equiv)? I bet he's written it down somewhere easily accessible.
  • Does the user write in a password which is then hashed? Won't the security hinge on the password, then? A 512bit key is uncrackable, true. But is a 8 char password?
  • If the user require to type the password in, is it software based? Can a potential cracker change the boot loader to get the password, type "Wrong password" and then save the pw and give the user the real prompt?

If the user dont need to type the password, where do the system get the password from, and is that storage location safe from a potential cracker?

I've been thinking on securing my own laptop, but the problem is, as long as I dont have special hardware, every idea I've had I would have been able to get around. So I'm curious how you've done it.

Re:this takes $$$ time and energy (1)

rahrens (939941) | more than 7 years ago | (#16338121)

The key is, of course, part of the software that encrypts the hard drive, and yes, is based upon the password. Our agency forces the use of long passwords, from 8 - 16 characters, mandating the use of capital letters, lower case letters, and numbers.

Yes, the user has to type the PW, after all, if it's stored, then it's accessable, isn't it?

Of course the security depends on the PW - it always does, unless one is using biometrics, and that has its own problems.

I've seen some of the mathematical probablitites characterizing just how much brute force it would require to force an 8 character password using the three different character types we force, and since our app forces a reboot after three incorrect tries, no-one is going to force a password. They'd have to guess, and spend a lot of time waiting for reboots while they're at it. I hope they're patient.

The storage location, being in the usrs' heads, is only accessible if they have access to the user.

There are several apps on the market that companies use for this purpose, the one we use is Pointsec. It encrypts the entire HD, unless you have the password, even a separate boot disk cannot even recognize the HD as being a bootable disk; it looks like an unformatted drive.

This program is only meant to protect the data on the HD from theft; the HD can be reformatted and reloaded, but the data on it can only be extracted and read if you possess the password, or have a same numbered version of the encryption program on another mnachine you can attach the HD to AND know one of our admin passwords, which we restrict to a very few top IT people. None of the desktop admins know them, we use a challenge-response system to give desktop admins temporary passwords to administer the laptops.

As I said, the key is, like all such keys, generated by the software based upon something provided by the user, in this case a password. Without that password, you cannot gain access, but this system, like all such systems, depends upon the users to use good passwords. We do what we can to force good password generation, but there only so much any system can do.

Re:this takes $$$ time and energy (1)

Terrasque (796014) | more than 7 years ago | (#16339373)

Ok, a few points.

8 character passwords are in the realm of today's private sector computers. And if you think people will sit at the prompt, well.. think again :p
An attacker would make a backup of the disc, find the encryption used, and start cracking.

even a separate boot disk cannot even recognize the HD as being a bootable disk; it looks like an unformatted drive.

Well, thats how encrypted data should look like. But the machine will need to be able to read it, and for that it needs some software. Which means that there must be something unencrypted a standard computer can read. But that's beside the point.

You've yet to explain how it stops for example a very small usb key, set to boot first, that have this logic: 1st boot, provide a fake prompt, get password from user, save on usb key, display "wrong password", and pass to real pw window. Next boots, skip directly to real pw prompt. (don't do the mistake many people do, center their reply on the "usb" part. it could also have been a cd, diskette, a change in the boot loader for the encrypted program, who knows, some really smart people might have gotten it all in a modified BIOS. Or just attaching a small physical key logger on the keyboard cable. And maybe a few more ways i haven't thought about.) Of course, this would be a targeted attack by determined people. But if you aren't expecting such attacks, then why have all that security?

As I said, I've been theorizing about how to secure a laptop, and every idea I've had, I've also found a weakness that I would be able to use to break it. The only thing I've seen yet is hardware like Trusted Computing [wikipedia.org].

Re:this takes $$$ time and energy (1)

rahrens (939941) | more than 7 years ago | (#16339807)

Ok, explain to me why he'd need a BACKUP of the disk - he's got the laptop, he's got the disk - the back up does what for him?

"Well, thats how encrypted data should look like. But the machine will need to be able to read it, and for that it needs some software."

Yeah, that would be something called Pointsec. Give it the right password, get in. Works real well. Forces a reboot after every third wrong password.

Just what other software would you use to do your little attack that can duplicate a 512 bit key? ...From a password you don't know? Do you know how many iterations you would have to go after to force an 8 character password using three character types? (lower case, upper case, numbers with an unknown combination of the three types in the password) I haven't done the math myself, but I've seen it. The number's big enough to need scientific notation to express. Good luck and I hope you have a good pension plan.

Oh, and we also have a lot of people that use 16 character passwords, we do allow them that long.

Yeah, you can attack the encryption directly at the bit level, but why? You'd need a real cray computer to do that, and against 512 bit encryption, probably about 50,000 years. Agin, I hope you have a good pension plan.

Some very smart people spent a fair bit of time thinking about just the very things you are when they wrote this stuff. I'm sure, like anything else in the security world, this can be cracked, given enough time and money.

But it'll take a lot of time, and money. For the people that would want the stuff we have, and are likely to have on a laptop, (which is not much, since everything is saved at the network level) then good luck to them in getting it for anything like a cheap enough price to make it worth their while.

Then perhaps you should be looking for a job in the security field, I'm sure they'd fall all over themselves offering someone as smart as you plenty of money. Better yet, offer yourself to those wanting to crack this stuff if you're that smart - I'm sure they'd be glad to throw money at you...

In the meantime, show me another organization similar to mine in size and technology level that's using something better and spending the same amount of money.

I didn't say our security was perfect or uncrackable. I did say that I think we're doing as well as anybody can expect for the money we have to work with. ...And that's better than most.

Safe (1)

syrrus (726329) | more than 7 years ago | (#16335423)

I feel so safe knowing that these people protect me from the "terrorists".

Re:Safe (1)

goldspider (445116) | more than 7 years ago | (#16335485)

I suppose this was inevitable. Of course, there are more federal agencies whose job it is to dole out your tax dollars than there are keeping you safe from those dag-blasted ter'rists.

I suspect those non-military, non-law-enforcement agencies are the biggest offenders of lax network security.

Re:Safe (1)

Yfrwlf (998822) | more than 7 years ago | (#16335549)

If you've been listening to the post-911 Bushisms you should know that you are NEVER safe, remember? We're on CODE ORAGE right now in fact, you should be running around screaming because there's a terrorist RIGHT BEHIND YOU, AAAAAAH!!!! http://www.dhs.gov/dhspublic/display?theme=29 [dhs.gov]

Re:Safe (1)

aplusjimages (939458) | more than 7 years ago | (#16335829)

A better alert system is this one [geekandproud.net]. We never want it to get to Elmo because that is bad news.

The war on cyber terrorism doesn't seem to be of any concern to the current administration.

Why Hasn't Our Government Achieved Better Security (1)

organgtool (966989) | more than 7 years ago | (#16335453)

I think we should be less concerned about the use of government computers in botnets and more concerned about securing personal information. If the government created and enforced security guidelines for all of their equipment, botnets would not exist AND our information would be secure. I never understood why the government gave the NSA tons of money to develop SELinux and then not deploy that software to other government agencies. I know that government employees currently need Windows-only software, but it appears that they haven't made any attempt to find solutions for locked-down SELinux boxes. They could also use AppArmor, virtual machines or chroot jails for software that can not be trusted, read-only file systems, etc. Instead they choose to give most users Windows machines that don't appear to be locked tightly. The ignorance and apathy of our government towards computer security never ceases to amaze me, especially when the Department of Homeland Security is spending billions of dollars and they don't seem to be making much progress.

Possible Cases (1)

lababidi (879163) | more than 7 years ago | (#16335459)

Being that many of my young friends work in the government including in the House and Senate (not as Pages *ducks*), I know they aren't using their heads when computing. They spend about 6 hours a day on a computer probably looking at $_favorite_porn_site . Those computers are almost guaranteed to be infected.

To one Congressional Office's credit (Cliff Stearns), they actually had iMacs setup. I guess that's one step in the right direction.

Even worse (0)

Anonymous Coward | more than 7 years ago | (#16335473)

Extent of U.S. Government Officials Acting Like Bots Painfully Obvious

Headline &/or summary should say WINDOWS (1)

toby (759) | more than 7 years ago | (#16335487)

These problems are endemic to the Windows universe, yet the headline and summary give no clue. Obviously the ignorant market needs more help to make the connection between Windows and unnecessary risk.

If it had been a Linux problem, the headline would have shouted it. Let's give Windows headline credit for its main features: Insecurity and wasted time and money.

Re:Headline &/or summary should say WINDOWS (1)

LaughingCoder (914424) | more than 7 years ago | (#16335739)

Obviously the ignorant market needs more help to make the connection between Windows and unnecessary risk.
No, the ingorant market needs to make the connection between incompetent or overworked system admins and unnecessary risk. Now, Windows may be *harder* to protect than, say Linux, but in the hands of incompetent (or grossly overworked) system admins, neither system is safe.

Speaking of which (2, Interesting)

wiredog (43288) | more than 7 years ago | (#16335537)

Commerce Department Targeted; Hackers Traced to China [washingtonpost.com]


Hackers operating through Chinese Internet servers have launched a debilitating attack on the computer system of a sensitive Commerce Department bureau, forcing it to replace hundreds of workstations and block employees from regular use of the Internet for more than a month, Commerce officials said yesterday.

The attack targeted the computers of the Bureau of Industry and Security, which is responsible for controlling U.S. exports of commodities, software and technology having both commercial and military uses. The bureau has stepped up its activity in regulating trade with China in recent years as the United States increased its exports of such dual-use items to the growing Chinese market.

Hard Break: Simple Solution (1)

visionsofmcskill (556169) | more than 7 years ago | (#16335617)

The Goverment has too much infrastrucutre to just change their operating systems, and far too many potential compromises in the form of hundreds of thousands of employees (millions?). To ask them to make the sweeping and drastic changes to all their agencies wouldnt be a monumental task, it would be a near impossible one. Instead, just pull the plug. That is the internet one. Seriously, completely remove all the agencies from the Web, firewall them down to ZERO access to non-goverment networks. In each office place setup 4-5 computers (unconnected to the network) with internet access... if employees need access to the net at large... they can use those machines. I know its not a pleasant solution to the workers, but very few goverment positions actually require access to the net. It would go a long way to helping that 2 billion dollar loss in productivity mentioned not too long ago. While the offices are segmented, the Goverment IT guys can work on more effectivly deploying their machines in a manner that can restore access to each computer, but until then there's little reason 99% of these employees need direct access.

Re:Hard Break: Simple Solution (1)

Rick17JJ (744063) | more than 7 years ago | (#16338907)

Another possibility might be to install a KVM switch on each computer so that the government employee could switch back and forth between a computer that is connected to the Internet and one that isn't. At one time I had a KVM switch between my new computer and my old computer. The KVM switch allowed me to switch back and forth between the two computers in about two seconds. A KVM (keyboad-video-mouse) switch allows the use of one keyboard, video and mouse to control more than one computer. One of the computers would only be connected to the Internet and the other would be on the internal network (not to the Internet).

If space for the second computer is a problem, there are now computers as small as a book that could be used to connect to the Internet. For browsing the web they could use something small possibly similar to the WinBook Jiv Mini [pcmag.com], The Panda PC [norhtec.com], MicroServer HP [norhtec.com], AOpen MiniPC Duo MPO945-V [computershopper.com], or the Apple Mac Mini Core Duo [com.com]. To keep costs down, perhaps they would not need to upgrade the mini-PC that is connected to the Internet as often as their other computer. Conceivably they could use Ubuntu Linux or Mac OSX on the mini-PC that is connected to the Internet which would be an advantage because virus, worms and spyware are almost unheard of on Linux or Mac computers. They could still use Windows on their main internal network where their computers would live a more sheltered existance. The extra PC wouldn't need to use much extra electricity because some of the mini-PCs only use about 21 Watts.

I am not a computer professional (or expert), but it seems to me that isolating the internal nework from the outside world with a KVM swith might possibly be an alternative to consider. That would be especially true if they are using malware infected Windows computers, are understaffed with properly trained and motivated IT people, and have failed to secure their network by other methods. I have actually thought about doing something like that at home with one or both computers running Linux.

Okay ... tie this to the porn and gambling article (1)

Maxo-Texas (864189) | more than 7 years ago | (#16335629)

Bots don't come from CNN and slashdot.

The observed porn and gambling surfing by govt employees becomes a national security risk.

Well...... (0)

Anonymous Coward | more than 7 years ago | (#16335647)


They ARE running windows....... but I digress. Article fails to say what the computers are used for, the timeframe they recorded their data, and how quickly it was fixed (assuming it WAS a problem). General workstations for secretaries, payroll, call centers, break rooms, computer labs for military personnel, etc may be infected as employees are likely to surf the web and read e-mails during work. Big Deal! Same thing that a normal user would have to deal with. Every business with even a small number of workstations faces the same problem.

This article leads us to believe that national security is at risk and slashdotters can say OMG another George Bush failure (typical knee-jerk reaction from liberals). This article is nonsense since if it was a problem steps would be taken to fix it (such as centurion guard hardware).

The article is clearly slanted to get attention since its focus on the government. Besides, I don't think Big Brother would let trend micro near any computers that really do matter.

Govt computers are some of the worst.... (1)

i_want_you_to_throw_ (559379) | more than 7 years ago | (#16335733)

Government machines have the distinction of being extremely insecure. There are lots of reasons, government requirements to contract out to "8A" corporations being one of them. "8A" corporations are small companies that the goverment has to sling a percentage of work to when contact time comes up. Oftentimes these are inexperienced folks who don't even know what a DOS prompt is.

We had a recurring nightmare scenario in the Army of someone successfully infilitrating our machines with "byte crack" (think HotBar) and that spyware would be a key logger that phones home and self destructs without a trace.

You know it's coming. It's also no secret that other governments have set up M$ networks for their cyber wargaming with the express purpose of taking them down and timing rebuild and recovery times (think MS/Shared source which the Chinese have purchased).

Oh no folks, it gets worse from here.....ESPECIALLY with NSA relying much more on OTS solutions. Remember the good ole days when the government had technology that couldn't be matched? A lot of future woes are going to be caused by the fact that John Q. Cracker can create encrypted malware that does all of it's damage so quick that the game is over by the time the Feds figure out what hit 'em. Feel better knowing that NSA is relying on M$ solutions more and more?

The price of progress, indeed.

It's worth reading TFA (1)

xoyoyo (949672) | more than 7 years ago | (#16335841)

As it appears that Trend Micro can't spot a forged FROM: header. They're having to "reanalyse" their data after it turned out they were wrong. The upshot is that this is a non-story, but an interesting one. The correct reading of it is that a security vendor has been caught out doing what we all suspect they do all the time anyway: spinnign research to make their IO-bound bloatware look useful.

Huh? Government Workers == Bots! (1)

filesiteguy (695431) | more than 7 years ago | (#16335889)

This is surprising. I was always under the impression that all government computers were infected by bots.

Oh, wait - my bad. I thought it said that all government computers were operated by bots.

Nevermind.

Had Enough? (0, Flamebait)

Doc Ruby (173196) | more than 7 years ago | (#16335953)

Five years of George "The Genius" Bush protecting us. Revamped all our security into "Homeland Security", reorganized all our intelligence systems, got a Republican Congress to do whatever he wanted. Now we're starting to see how rampant insecurity has rotted his huge government from the inside.

Feel safer?

Vote to fire or keep your Representative on TUE November 7, 2006 (one month from tomorrow). Odds are you'll have the choice to fire one of your Senators. Reformatting the White House will probably take another couple of years, when its automatic reboot timer expires.

Re:Had Enough? (1)

Doc Ruby (173196) | more than 7 years ago | (#16336493)

Moderation -1
    100% Flamebait

TrollMods don't want you to know that you can feel safer by voting in a month, on TUE November 7, 2006, to fire your representative and probably your senator, too.

Because TrollMods are Republicans, and your representative and senators are probably Republicans, too.

TrollMods have faith in security by obscurity [wikipedia.org], especially when securing elections for a Permanent Republican Majority [google.com].

Moo (1)

Chacham (981) | more than 7 years ago | (#16336253)

Which is worse? Youngsters voting patterns or Evil nations controlling things?

Hmm.. i'm not even sure there's a difference. So, in some way, you're vote does count.

Little ole' me... (1)

certain death (947081) | more than 7 years ago | (#16336397)

You know...I have your typical ADSL line, 6 megabit down, 700kbps up. Here is what I see pounding on my firewall (BSD type firewall) almost every day... Hitting port 1026 like a mad hatter. port 1026 is generally used for those nasty windows messenger (the service, not the IM software) SPAM popups. Funny, right? Perhaps it is really the DOD trying to use windows messenger popup spam to brain wash me, but I highly doubt it, My mind is not worth the effort!!! OrgName: DoD Network Information Center OrgID: DNIC Address: 3990 E. Broad Street City: Columbus StateProv: OH PostalCode: 43218 Country: US NetRange: 29.0.0.0 - 29.255.255.255 CIDR: 29.0.0.0/8 NetName: MILX25-TEMP NetHandle: NET-29-0-0-0-1 Parent: NetType: Direct Allocation Comment: Defense Information Systems Agency Comment: Washington, DC 20305-2000 US RegDate: Updated: 2002-10-07 OrgTechHandle: MIL-HSTMST-ARIN OrgTechName: Network DoD OrgTechPhone: +1-800-365-3642 OrgTechEmail: HOSTMASTER@nic.mil

The Government is a juggernaut (1)

Opportunist (166417) | more than 7 years ago | (#16336673)

And that's why it generally fails against any kind of sophisticated online attack, no matter what form this attack takes. It's the same for huge companies, btw. Vast amounts of money, the ability to hire every and any brain available to counter the attack, but the time it takes 'til they get into gear usually means that by the time the attacker is long gone and untracable, they are finally done with the budget for it.

That's where organized crime is having the upper hand: Speed. When you're in the defensive position (which you invariably are as the attacked one), your most significant disadvantage to the attacker is time. He had all the time he needed to plan, stage and prepare the attack. You have to respond. NOW. And that is something the feds can't. They cannot respond immediately because it was not in the budget, there is no task force to counter the attack.

That's why it's still possible. Not because the government "counter-hackers" are worse than their attacking cousins. They're just caught up in so much red tape that it's more hassle to fight this than the attacker.

Little Help Here? (1)

Bob9113 (14996) | more than 7 years ago | (#16337015)

Hey, if any of the people running these bot nets is reading this, can you get in touch with me? I'd like to get the aggregated personal tax return information for the past thirty years or so, so I can do a fact-based analysis of shifts in wealth distribution. Thanks in advance.

nobody headed DHS warning against using MS IE (1)

Locutus (9039) | more than 7 years ago | (#16337123)

not one organization at the state or local level took any action when the Department of Homeland Security(DHS) put out a warning against using MS Internet Explorer when a major risk was found and left open by Microsoft for over 3 months. Heck, three departments in my city were shutdown for a day when one of the Microsoft Windows bot software was 'failing' and resulted in some of the infected computers to constantly reboot. Yet, after that, questions presented about continued use of MS IE resulted in answers like, 'with limited budgets they are doing the best they can' and 'balancing financial impacts and security risks results in some tough choices', etc.

So it does NOT surprise me to hear that there is a massive bot network running inside many state, local, and federal government systems. And, like how the TSA handles 'threats' in a RE-active manner, so too will this be addressed when something wicked this way comes. IMO.

LoB

Extent of Government Computers Infected By Bots U (1)

P3NIS_CLEAVER (860022) | more than 7 years ago | (#16337565)

Who gives a shit about what you know? If they know the bot is in the network they will remove it. Name one company that knows how many bots are in their network.

What percent is this a Windows problem? (1)

webweave (94683) | more than 7 years ago | (#16338797)

Should the headline then read "Government gives Microsoft billions and still has bot problem"? So much for the idea that paying for commercial software produces better software.

Why does Microsoft get off so easily in the media for all the problems caused by running its software?

I can't stop, some more good headlines.
"Almost 100% of owned computers are running Windows"
"Supporting Botnets is the cost of running Windows"
"Goverment supports bots by running Windows"

Solution (1)

master_p (608214) | more than 7 years ago | (#16340103)

The solution is a 'virus' that installs Firefox and Thunderbird, replacing every reference of IE and OE with said programs, then downloading and running Spybot S&D/Adware as well as an antivirus program.

I just had an epiphany... (0)

Anonymous Coward | more than 7 years ago | (#16340243)

Somebody should name an anti-virus/malware/spyware program Drano (or draino since drano is already a product). :)

FunWebProducts are no fun (1)

SpunkyWabbit (739879) | more than 7 years ago | (#16340305)

tias-gw7.treas.gov - - [15/Jul/2006:18:44:37 +0300] "GET /index_flash.html HTTP/1.1" 404 214 "http://search.mywebsearch.com/mywebsearch/AJmain. jhtml?st=bar&ptnrS=ZNxmk572YYUS&searchfor=chat+roo m+software" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.0.3705; .NET CLR 1.1.4322)"

glamdring.mildenhall.af.mil - - [03/Aug/2006:10:21:59 +0300] "GET /index.php?section=application HTTP/1.1" 302 7963 "http://some.site/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; InfoPath.1)"
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...