FBI, US Marshals Hit By Virus

Norsefire writes "The FBI and US Marshals were forced to shut down part of their computer network after being hit by a 'mystery virus.' FBI spokesman Mike Kortan said, 'We are evaluating a network issue on our external, unclassified network that's affecting several government agencies.' Nikki Credic, spokeswoman for the US Marshals, said that no data has been compromised but the type of virus and its origin is unknown."

Sensitive networks should be treated as such

[davidwr]

More and more, sensitive corporate and government networks will need to be isolated or at least mostly isolated from non-sensitive networks and the Internet.

They may not need an air gap but they will need to be isolated enough to prevent general problems like viruses.

They also need to be run with the philosophy of "every other machine or user on my network could become compromised (infected or bribed) at any time."

A couple of possible solutions:
*Give employees 2 computers with a KVM, one for surfing the web and access to non-secure data, one to access secure data.
*Give employees a multi-homed, ROM+read-only-USB-stick-for-configuration-data-boot "thin client" that's stripped down and hardened, with no copy-and-paste, no network bridging, and other designed way for one remote server to influence the other. Then have them connect to different servers on different networks for different needs.

If your security requirements are extreme, use an air gap.

In either case, don't forget to take countermeasures against human idiocy, ignorance, and bribery/blackmail.

Re:Linux...

[Darkness404]

How many people have gotten a virus from surfing a site using Linux? Very, very, very, few, to non existent. Sure, Linux is vulnerable but it isn't targeted, the diversity in distros, kernel versions, browsers, etc. help keep the target moving. About the only way to get a virus, in the wild is to download and explicitly install a virus or a trojan.