Virus Knocks Out U.S. Visa Approval System
GillBates0 writes "According to this story and many others, the State Department's electronic system for checking every visa applicant for terrorist or criminal history failed worldwide late Tuesday because of a computer virus, leaving the U.S. government unable to issue visas. The virus crippled the department's Consular Lookout and Support System, known as CLASS, which contains, among others, names of at least 78,000 suspected terrorists. It was unclear which computer virus might have affected the system. But a separate message sent to embassies and consular offices late Tuesday warned that the Welchia virus had been detected in one facility. Welchia is an aggressive infection unleashed last month that exploits a software flaw in recent versions of Microsoft Windows."
Singular: visum, plural visa.
NOT singular: visa, plural visas.
Time again to post an article on The Broken Windows fallacy.
Wikileaks, no DNS
Actually, after looking at the State Dept's website, I found this.
Seems that when someone applies for a visa, gets checked out and denied, they get added to CLASS.
I don't need no instructions to know how to rock!!!!
Evidently, the virus was patched/cleaned pretty quickly, and there was no real security risk, as in national security, because when the system is down, they simply do not issue visas. Most places they probably just told people to come back tomorrow.
"...but you can't tell me that this database can only be run on Windows"
Remember, there is no "Microsoft Access" for Linux yet
--
One by one the penguins steal my sanity...
This link is better.
Wikileaks, no DNS
They don't.
Most government facilities I've been to use Windows on desktops, and big iron unix servers in the back rooms. Big mainframes that have been there since the early 80s.
There's no way this system with close to 30 million names runs on SQL Server, MySQL, PostgreSQL or any other mid-classed database system.
They shut off the network to make sure it was clean, because one infected terminal could potentially leak a whole lot of information to the wrong people.
I don't need no instructions to know how to rock!!!!
.. As long as any half-*ss kid can write 'applications' for the OS by point-and-click on Visual Basic, Windows will be the OS of choice. Too many companies are making money off cutting and pasting together apps.
It isn't the OS that counts, it's the applications that run on it. If it gets the job done, nobody will give a rat's ass what OS is beneath.
To Terminate, or not to Terminate, that's the question - SCSIROB
You have to step back and realize that this is a completely different "breed" of virus/worm. We just finished cleaning up 1750 stations in our environment. Firewalls were blocking just fine, Windows updates running like clockwork, Antivirus updating hourly.
Our problem: In a K12 environment, the machines lay largely dormant over the summer months. With 500 laptops, teachers tend to bring them home during the summer months to play. All it takes is one laptop to come in Day 1 of school, teachers to fire up their machine (which hasn't booted since June). Your entire network floods the minute the machines are turned on...before Windows can update, before McAfee kicks in.
And block attachments that are prone to viruses, for the love of God. PDF, yeah, it can get a virus due to Acrobat .. but that's usually less broken than, say, Word and its macro viruses, or Microsoft Lookout and its vulnerabilities. So you'd at least filter all the extensions for attachments that aren't safe..
-
ping -f 255.255.255.255 # if only
3.) Use anti-virus software and update the definitions often
Define "often", please. It could be once a month, once a quarter. I'm sure they have change control plans.
I've been using Norton Corporate Edition on my networks quite successfully for some time now. A server is config'd to be the update server and all the clients are managed from it. You can push updates to all the clients either manually or schedule them to update automatically. You can even force clients that come on the network to accept an AV client install package before they are allowed to participate.
I also would recommend putting the laptops on a separate node and firewalling them off from the rest.
No, it's just that it's easier to assume that you are smarter than them and assume you know their network and systems.
Not necessarily. Whenever you get into larger bureaucracies, there's always a level of friction with respect to implementing IT changes/updates. Any number of things could be causing it. It could be clueless IT staff used to screwing the pooch in gov't service, it could be difficulties in getting anything approved, it could simply be toxic office politics. It could be little dictators building mini-kingdoms for themselves...refusing to implement any suggestions because THEY didn't come up with it (I've seen that one many times!). I don't think it's the nature of their networks and systems that's the issue here at all, after all it's a Windows virus/worm that took them out. How unusual is that?
You're using her as bait, Master!