Slashdot Mirror


New Mega-Botnet Discovered

yahoi writes "According to the DarkReading article, 'Researchers have discovered a major botnet operating out of the Ukraine that has infected 1.9 million machines, including large corporate and government PCs mainly in the US. The botnet, which appears to be larger than the infamous Storm botnet was in its heyday, has infected machines from some 77 government-owned domains — 51 of which are in the US government. Researchers from Finjan who found the botnet say it's controlled by six individuals, and includes machines in major banks.'"

10 of 257 comments

  1. no definite article needed by osvenskan · · Score: 5, Informative

    It's just "Ukraine", not "the Ukraine".

    1. Re:no definite article needed by Anonymous Coward · · Score: 1, Informative

      Sometimes it helps to give a reference: http://www.infoukes.com/faq/the_ukraine/

  2. Re:Can Help? by FlyingBishop · · Score: 2, Informative

    He was talking about anti-security regulations. Like regulations requiring that software go through a several-year government testing phase before it can be adopted, placing them horribly out of date.

    Every machine in the LoC is using IE6, because they designed some proprietary crap 8 or 9 years ago that would be too expensive to upgrade to an infinitely more secure Firefox or even IE8-based system.

    On the other hand, those were the most sandboxed terminals in the world, probably safe even with IE6 (there was some McAfee kiosk control system running that looked pretty hardened).

  3. Re:Can Help? by dov_0 · · Score: 3, Informative

    So the attackers for the main part have to fall back on social engineering. That's a pretty good advertisement for the software I reckon!

    --
    sudo mount --milk --sugar /cup/tea /mouth /etc/init.d/relax start
  4. Re:Can Help? by dimeglio · · Score: 4, Informative

    Why would a competent sysadmin even design a network hooked to the general internet to begin with if security is an absolute must?

    ... maybe because of Internet banking? Risk, cost or convenience, pick two.

    --
    Views expressed do not necessarily reflect those of the author.
  5. Re:DingDingDing! by jake-in-a-box · · Score: 5, Informative

    The data was not lost from military systems, it was obtained by crackers who penetrated military contractor's commercial systems. Yes, that leads to a whole bunch of questions and is not by any means an absolution of the military's IT security. But your statement does not match the facts.

    --
    To hear the gods laugh tell them your plans.
  6. Re:Can Help? by Daengbo · · Score: 3, Informative

    From the FAQ

    What operating systems have FDCC settings?

    Currently, FDCC settings are intended for Microsoft Windows XP Professional with Service Pack (SP) 2 or SP 3 and Microsoft Windows Vista Business, Microsoft Windows Vista Enterprise, and Microsoft Windows Vista Ultimate with SP 1.
    ...

    The Federal Desktop Core Configuration (FDCC) is an OMB-mandated security configuration.

    So ... to be in compliance, you can only run Windows desktops, is that correct? Wow! Way to feed the MS machine.

  7. Re:Can Help? by Daengbo · · Score: 2, Informative

    No. NIST does not endorse the use of any particular product or system. NIST is not mandating the use of the Windows XP or Vista operating systems, nor is NIST establishing conditions or prerequisites for Federal agency procurement or deployment of any system. NIST is not precluding any Federal agency from procuring or deploying other computer hardware or software for which NIST has not developed a publication, security configuration checklist, or virtual testing environment. Although the FDCC currently applies to Windows XP and Vista, security guidance is available for other platforms. The OMB and GSA updated the Federal Acquisition Regulation (FAR) on February 28, 2008, Part 39 now reads as follows:

    Never mind. My first post was inaccurate.

  8. Re:DingDingDing! by Randall311 · · Score: 4, Informative

    The data was not classified, just FOUO. Electronic copies exist for convenience's sake. It depends on the project, but there are usually no requirements for encryption of such documents. Expect that to change... soon.

  9. Re:Can Help? by gad_zuki! · · Score: 3, Informative

    This is true in Windows too. Remember Storm? It was created with simple .exe files, not any exploits. I believe they just mass-emailed 'greetingcard.exe.' Grandma ran it. That's all it takes. It blows my mind mail servers are sending out executables to people in this day and age.

    A computer is just as secure as its operator.