Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sasser Worm Takes Down UK's Coastguard

Posted by timothy on from the thanks-for-using-windows dept.

jonman_d writes "The Sasser worm has recently disabled the computer systems of Britain's Coastguard. Naturally, this event raises even more doubts over the reliability of Microsoft software in critical systems. Moreover, it raises questions of responsibility: if the worm writer is caught, can he be held at least partially responsible for any deaths that occured during this outage?"

9 of 733 comments (clear)

  1. I don't know about Britain... by Tuxedo+Jack · · Score: 5, Informative

    But here in the U.S., I believe it falls under both 18 USC 1030 and some clause in the Patriot Act.

    --

    Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
  2. "no danger to the public" BBC by Phil+Hands · · Score: 4, Informative

    As reported on the BBC, this killed their mapping systems, forcing them to revert to the paper maps that they've always used in the past.

    No safety critical systems were involved.

    --

    Debian: GNU/Linux done the Linux way
  3. You can lead a horse to water... by mindmaster064 · · Score: 4, Informative

    Despite the apparent Slash-Spin of this article it should be noted that Microsoft released the patch for this vulnerablity over two weeks ago, per:

    MS's Security Bulletin on April 13th (this is a week before Sasser "hit".) Microsoft did their job, but can the UK Coastguard do theirs? Apparently not... It is so easy to point the finger at the provider or some anonymous joe on the Internet, but it is so hard to take responsibilty for your own lack of action. It's the UK Coastguard's job to apply their patches in a timely fashion so that the services they render can be reliably delivered.

    It's possible to get these notices emailed to you as soon as they're available. These people should be fired, er wait.. in UK... sacked.

    - Mind

  4. Re:Patches by ThogScully · · Score: 4, Informative

    In the example of the grandparent, you type
    apt-get update && apt-get -u upgrade

    It tells you exactly what software has updates and offers to install them. It does the rest for you. Should you want to install one at a time because of potential/expected problems with upgrading them, type apt-get install package-name.

    It's not tough.
    -N

    --
    I've nothing to say here...
  5. Overexagerrated by pandrijeczko · · Score: 4, Informative
    Being in the UK myself, I saw this news report on the TV yesterday with a reporter interviewing an employee of the coastguard.

    I really got the impression that the reporter was trying desperately to make this into a dramatic news story whereas the coastguard person was fairly level-headed about it. Even she stated that every employee has a backup laptop that is not connected to the Internet as a contingency plan in just these circumstances. Plus, they can also rely on paper maps if necessary.

    Yes, we all know Windows has security holes (just like any other piece of software) and that Microsoft could do a whole lot more to make their software more secure - however, the fact is that using good firewalling and educating users properly is the best way of stopping 99.9% of all known worms and viruses.

    Microsoft must take some of the blame but so should the salesmen and IT people for possibly not deploying the right platform in the first place and then, post deployment, not ensuring it's secure.

    --
    Gentoo Linux - another day, another USE flag.
  6. Re:The real question is by akadruid · · Score: 4, Informative

    Microsoft will send you an update on CD for free. There was a link posted here a while back, or try googling for it.

    --
    "Those who cast the votes decide nothing; those who count the votes decide everything." (attrib. Joseph Stalin)
  7. Know your systems and do not rely on a firewall by Spoing · · Score: 4, Informative
    If you're using Windows, take a page from Linux/*BSD and other *nix hardening;

    If it's not running, it can't be exploited!

    1. Isolate each system and check it before bringing it on the network or exposing it to the Internet (and do the latter rarely).
    2. Do external port scans *without* the use of a firewall to see what might be running that is hidden.
    3. Use dependency checkers when encountering unknown software or libraries. (Under Windows, Dependency Walker is your friend.)
    4. Turn it off and remove it if you don't need it, can't trust it, or it seems suspect.
    5. Find trustworthy software and use that instead; popularity isn't trustworthyness.
    6. Isolate systems at the router; it should be difficult to dammage any machine (misconfigured or not) from most any other random machine.
    7. Your systems should be secure even without a firewall. Are they?
    --
    A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
  8. Re:The real question is by matth · · Score: 5, Informative

    I tried that update cd (figured if nothing else it would be useful to take to friends houses who have dialup and need patches). The cd took no less then three months to get to my house! The post mark was like 4 days before I received it so it was in proccessing for 3 months. In that time several news security patches had come out....
    If they can't get the CD out in a few days, it's worthless. For instance, sasser? That CD would have been useless... as I still wouldn't have it.

  9. Re:The real question is by gruhnj · · Score: 5, Informative

    Your not going to trust your military's computer system to enlisted folk, and chances are the officers are not aware of preventive measures. Those who are assign such tasks to contract companies.

    I dont speak for all military, but the Army has an entire major command dedicated to nothing but computers. Formed in 99 NETCOM has actully done a fairly good job in keeping things working. As far at threat detection, patch verification, and orders to deploy, NETCOM tends to be on a 72 hour turnaround. Given that the patch was issued April 13, its way ahead of an outbreak like Sasser. Even better, they have the authority to disconnect. The orders to patch go straight to company commanders and sysAdmins who can be repremanded if their unit goes down. Even if they give the task to a contractor, they are still liable Id hate to be the company commander who sees the brigade commander over virus outbreaks. That seems to keep them in line pretty well.

    SPC Gruhn
    TNOSC-K, Systems Management Branch
    1st Signal BDE
    "First to Communicate!"