Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI, US Marshals Hit By Virus

Posted by Soulskill on from the nothing-tommy-lee-jones-can't-handle dept.

Norsefire writes "The FBI and US Marshals were forced to shut down part of their computer network after being hit by a 'mystery virus.' FBI spokesman Mike Kortan said, 'We are evaluating a network issue on our external, unclassified network that's affecting several government agencies.' Nikki Credic, spokeswoman for the US Marshals, said that no data has been compromised but the type of virus and its origin is unknown."

20 of 156 comments (clear)

  1. Linux... by Darkness404 · · Score: 1, Insightful

    Why doesn't the government switch to Linux already? Sure, you can get a Linux virus, but to get one it takes work. On the other hand merely browsing a site in IE can give you viruses in Windows.

    --
    Taxation is legalized theft, no more, no less.
    1. Re:Linux... by Krneki · · Score: 2, Insightful

      They are too lazy to learn a new desktop.

      They rather get infected every now and then. After all it's your money they are spending.

      --
      Love many, trust a few, do harm to none.
    2. Re:Linux... by TubeSteak · · Score: 2, Insightful

      Sure, Linux is vulnerable but it isn't targeted, the diversity in distros, kernel versions, browsers, etc. help keep the target moving.

      1. If the Government switches to Linux, there will not be a diversity in distros, kernel versions, browsers, etc.
      2. Assume that, like the current windows installation, there will be gaping security holes due to mismanagement and misconfiguration.
      3. The US government is an awfully big target and if they switch, you will see significant, concentrated effort on exploiting whatever distro and apps the Feds chooses.

      --
      [Fuck Beta]
      o0t!
    3. Re:Linux... by Norsefire · · Score: 3, Insightful

      Step 1: Ditch a closed-source product notorious for exploits and viruses
      Step 2: Choose a better open-source alternative notorious for its security and stability
      Step 3: close the source

    4. Re:Linux... by Animaether · · Score: 4, Insightful

      Step 4: watch a lower ranking employee click on the HappyFunTime executable in their mail
      Step 5: Priceless.

  2. Bold claim by Daimanta · · Score: 4, Insightful

    "said that no data has been compromised but the type of virus and its origin is unknown."

    How do they know that there was no data compromised if they don't even know the type of the virus?

    --
    Knowledge is power. Knowledge shared is power lost.
    1. Re:Bold claim by maxume · · Score: 2, Insightful

      Perhaps the network is reasonably self contained?

      The article says they shut down internet access, but it doesn't really make it clear if the computers in question have any connection to the internet or not.

      --
      Nerd rage is the funniest rage.
    2. Re:Bold claim by Psyborgue · · Score: 2, Insightful

      How do they know it's even a virus. "virus" is often a silly excuse for "embarrassing human error".

    3. Re:Bold claim by Thad+Zurich · · Score: 2, Insightful

      There would seem to be a high probability that such a network is monitored by one or more IPS' that log and archive all outbound packets. If the time of infection can be established, then it should be possible to estimate the amount of exfiltrated data.

  3. Typical Bold Claim, Scenario A14 by Gary+W.+Longsine · · Score: 5, Insightful

    This claim is made by nearly every spokesperson for any major organization which is forced to disclose a malware attack to the public. In nearly every case the claim cannot be substantiated. Run of the mill malware often scans hard drives and uploads data to remote servers over encrypted connections. Most organizations have no way of knowing if these even happened. They don't know how long they have been infected. They don't know if the attack is directed at them, specifically (and thus might be smarter about hiding its activity). These folk really don't know yet what the extent of the damage is. The stock line should be, "we don't know", not, "nothing bad happened". Something bad happened -- malware got on your network and spread. That much is clear.

    --
    If you mod me down, I shall become more powerful than you could possibly imagine.
  4. Re:They should use macs by clang_jangle · · Score: 3, Insightful

    Yes, the amount of malware for mac's is lower than Windows...

    Correct, zero is a tad less than ~ninety-three thousand.

    ...but so is mac userbase

    Considering that UNIX-like systems are ubiquitous in the server world (and OS X is a UNIX-variant), that is a really lame argument.

    However there are many OSX malware circumventing already and it seems to be just going up

    [citation needed]

    --
    Caveat Utilitor
  5. Re:They should use macs by erroneus · · Score: 2, Insightful

    This should be modded up.

    Generally, I also recommend Mac for brain-dead users whose computers I don't want to fix every 3 days. There is simply less chance of such problems... randomly. Most exploits target Windows and MSIE, simple as that. But that is only GENERALLY...randomly...blindly.

    More and more, we are seeing targeted attacks. The targetted attack is most successful when the contents of the network are known. So get one machine compromised (advanced scout), survey the network to see what's out there, then plan the real attack. There are abundant attacks for Mac and even Linux. In the event of targeted attacks, all bets are off. "Reputation" for security only serves the attacker because the defences of the machines will likely be lower on those machines considered "more secure."

  6. Linux is not the ultimate in security by davidwr · · Score: 1, Insightful

    Well, maybe some hardened versions but not the run of the mill version.

    If you want hardened computing, you want:

    *A hardened network, with hardened human access
    *A hardened computer, with hardened human access
    *A hardened OS or one that comes pre-hardened by design. SELinux, OpenBSD, some specialty flavors of MS-Windows, some small/embeded-systems OSes, some Unix-style OSes, and some mainframe-type OSes qualify
    *Hardened sofware all the way around
    *People who are trained in security in general and trained how to use the computer properly and how to spot people who are trying to compromise it or the network

    Do you really want hardened computing?

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  7. Re:They should use macs by sopssa · · Score: 4, Insightful

    Also, most mac users think and they're told that theres no malware and they're secure, so they have the mentality of "nothing can hit me" and even tho theres a few mac av's, almost noone runs them.

    Hell, there's botnets running inside _routers_. What makes it think that mac is somehow some bulletproof solution. You dont need root to send spam or ddos either.

    Mac is also a standardized os, so its a lot easier to make malware for it than the tons of different linux os's. And its already true, but because of this mentality Apple and Mac users have given to everyone, they think they're safe. It's really stupid from Apple's part, because the problem keeps just rising and one day it gets hit badly and no one has prepared because of their assumptions.

  8. Re:They should use macs by clang_jangle · · Score: 4, Insightful

    Trojans can run on any OS, once the user is tricked into installing them. IOW,they're extremely easy to avoid. However, viruses are only found in the wild on Windows systems. And only Windows can be infected by simply visiting a web site.

    --
    Caveat Utilitor
  9. Sure some mysterious virus. by PieceofLavalamp · · Score: 2, Insightful

    Sure some mysterious unknown virus. Or Someone broke/deleted something and didn't know how to fix it. I mean would you want to tell the FBI you broke their computers?

  10. Re:They should use macs by DrgnDancer · · Score: 2, Insightful

    Every example in your list is a social engineering trojan. They all require the user to literally INSTALL the malware and enter their admin password to do it. No system can defend against that. There are proof of concept viruses and worms on the Mac, but pretty much everything in wild is a trojan and requires significant user intervention to work. That's hardly fair. Of course stupid Mac users are still stupid users. That doesn't make the system itself less secure. I'm not one of the "OMG, it's completely secure!" fanbois. There are definitely holes in OS X, and Apple has not always been quick to fix them. The fact remains, however, that their are virtually no Mac viruses or worms in the wild (for the proper, security profession, definitions of "virus" or "worm").

    --
    I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
  11. Re:How do they know ? by tendrousbeastie · · Score: 3, Insightful

    Well exactly. What their spokeperson says doesn't necessarily have any correlation to what their head of IT thinks.

    The spokesperson's job is to put the best spin on things. Saying "We lost loads of public data" would not be doing their job well.

  12. Re:Maybe they recently bought some new computers? by Anonymous Coward · · Score: 1, Insightful

    If they aren't dropping their own image on new computers they get, there's something wrong with their IT department.

  13. Re:They should use macs by TheSpoom · · Score: 2, Insightful

    While I agree with the general principle that *nix OSes (including Macs) are more secure than Windows, viruses are just as possible on other operating systems.

    That said, the government could save shit-tons in licensing fees by switching to a free OS like Ubuntu, and they wouldn't have to worry about something like this happening nearly so often.

    --
    It's better to vote for what you want and not get it than to vote for what you don't want and get it.
    - E. Debs