Slashdot Mirror


Computer Viruses Cripple Colorado DMV

Mr. Christmas Lights writes "The Denver Post has written the last three days (Tue, Wed, Thu) about how computer viruses have crippled the Colorado Department of Motor Vehicle's computers since last Friday. This has prevented them from issuing new/renewed licenses, so they are providing 30-day extension stickers. The 'dozen experts' have decided that 'fresh software' is the best way to remedy it - probably means re-installing Windows, but have they considered Linux? Colorado seems to be having its share of problems - today's article mentions the Zinc Whiskers issue several months ago that knocked the the Colorado secretary of state offline for a couple of weeks. And it could only get worse as the JPEG exploit starts showing up in the wild."

1 of 394 comments (clear)

  1. Viruses and Security: A tech issue or a policy... by Trolling4Dollars · · Score: 5, Interesting

    ...issue? Part of the problem with viruses beyond the fact that many OSes still ship with pretty lax security, is the way that PCs are actually implemented when put into a networked environment. The implementation is dictated by the policies of the organization. Too many organizations do not put enough thought into what users should and shouldn't be allowed to do at EVERY level of computer use. Some of this is due to the fact that these organizations can't afford a decent admin due to being underfunded. Another cause is that many of these orgs also think that computers should be a "set it and forget it" kind of thing.

    So how can this be addressed? Probably the first thing to do is GET A DECENT ADMIN and IT staff. Since we are talking the BMV here, this means better funding for the BMV to attract a decent admin and IT staff who will demand more pay. Which means... that taxes will have to be increased. Which means that indirectly, the tax payers who vote down county levies are are responsible.

    Another thing that can be done once you have a decent admin is to set up a very detailed policy about what users are and aren't allowed to do on a machine. This includes whether or not they can even access external resources on the web (No external web mail during work time, etc...). Regarding the channel of e-mail for mass mailing worms, all mail should be filtered through a virus scanning and spam filtering appliance like the Barracuda Networks Spam Firewall.

    If the environment is such that it demands that users be able to access external web resources, a remote application server (with automatic virus protection) running on a separate network should be used for all external web browsing. If they are accessing an internal resource, they can use their local browser. This way if the app server gets hit with some kind of worm or virus, it won't infect their system as the only connection would be over X , RDP or Citrix ICA.

    Is all of this a pain in the ass to both implement and live with? Most certainly. Will the users complain? Count on it. Will it buy you a lot more protection against the worms and viruses today? Yes. It's just a question of which environment is more of a pain in the ass for you. One where you are constantly dealing with users that are infecting their machines and taking down the network so that productivity grinds to a halt? Or one where users gripe for a bit about the new restrictions, but you have far fewer or no virus/worm incidents? The choice as they say, is up to the peoplpe with the power to rethink these things.