Spoofed White House Card Dupes Many Gov't Employees, Steals Data
tsu doh nimh writes "A run-of-the-mill malware-laced e-mail that spoofed season's greetings from The White House siphoned gigabytes of sensitive documents from dozens of victims over the holidays, including a number of government employees and contractors who work on cybersecurity matters, writes krebsonsecurity.com. The story looks at several victims who fell for the attack, and suggests it may be related to a series of similar document-harvesting runs throughout 2010. Government security vendor NetWitness notes that these types of incidents are blurring the lines between online financial fraud and espionage attacks."
Honourable employees of venerable government of USA. Please click on link to receive free gift from People's Republic of... ummm... errr... Canada!
Most GNU/Linux systems (and I assume but cannot really say for sure about Mac OS X) will not just execute an arbitrary file that you download. Generally you have to at least set execute permissions on the file to get it to run, or feed it to its interpreter on its own (if it is a script). Additionally, for a secure desktop, one would generally set "noexec" on the home directories partition, so that users cannot just execute random code.
Really though, this is all superficial by comparison with multilevel security systems, which for someone with top secret clearance seems like an obvious measure. MLS policies should forbid a program that you download from some random website from even opening a file that is "Top Secret," let alone sending a copy to some other system. A lot of research went into such systems, which are designed around the assumption that the threats are internal (e.g. a malicious program that is already running on the system) and that the goal is to prevent leaks (as opposed to the more common goal of restricting unauthorized access).
Palm trees and 8
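An added example, not part of the comment above: a check of whether the filesystem holding a given path is mounted "noexec", worked over a mount table in `/proc/mounts` layout. The sample table, the paths and all function names are constructed for illustration; on a real host the text would come from reading `/proc/mounts`.

```python
import os

# Constructed sample in /proc/mounts layout: device, mount point, type, options, dump, pass.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/sdb1 /home/shared\\040docs ext4 rw,relatime 0 0
"""

# Octal escapes the kernel uses for space, tab, newline and backslash in mount points.
ESCAPES = (("\\040", " "), ("\\011", "\t"), ("\\012", "\n"), ("\\134", "\\"))


def parse_mounts(text):
    """Return [(mount_point, options_set)] in table order."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or malformed lines
        point = fields[1]
        for escaped, char in ESCAPES:
            point = point.replace(escaped, char)
        mounts.append((point, set(fields[3].split(","))))
    return mounts


def covering_mount(path, mounts):
    """Pick the mount holding `path`: the longest mount point that is a
    whole-component prefix; on equal length the later entry shadows the earlier."""
    path = os.path.normpath(path)
    best = None
    for point, options in mounts:
        prefix = point.rstrip("/") + "/"
        if path == point or path.startswith(prefix):
            if best is None or len(point) >= len(best[0]):
                best = (point, options)
    return best


def exec_allowed(path, mounts):
    """True if a file at `path` could be executed directly (no noexec on its mount)."""
    mount = covering_mount(path, mounts)
    if mount is None:
        raise ValueError("no mount covers " + path)
    return "noexec" not in mount[1]
```

In the sample, the nested mount under `/home` lacks "noexec", so files there can be executed even though the rest of `/home` is covered. The option only blocks direct execution; a script handed to its interpreter still runs, which is the second case the comment mentions.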
It's not so much the crime as the type of victims:
- An employee at the National Science Foundation’s Office of Cyber Infrastructure.
- An intelligence analyst in Massachusetts State Police.
- An unidentified employee at the Financial Action Task Force, [in a government body whose purpose is to fight] money laundering and terrorist financing.
- An official with the Moroccan government’s Ministry of Industry, Commerce and New Technologies.
Me, I'm an idiot with no influence, but the people who set policies and can put people in jail should know better.