Civil Servant Watching Porn At Work Blamed For Government Malware Outbreak

An anonymous reader quotes a report from TechCrunch: A U.S. government network was infected with malware thanks to one employee's "extensive history" of watching porn on his work computer, investigators have found. The audit, carried out by the U.S. Department of the Interior's inspector general, found that a U.S. Geological Survey (USGS) network at the EROS Center, a satellite imaging facility in South Dakota, was infected after an unnamed employee visited thousands of porn pages that contained malware, which downloaded to his laptop and "exploited the USGS' network." Investigators found that many of the porn images were "subsequently saved to an unauthorized USB device and personal Android cell phone," which was connected to the employee's government-issued computer. Investigators found that his Android cell phone "was also infected with malware." The findings were made public in a report earlier this month but buried on the U.S. government's oversight website and went largely unreported.

Re:Not the only one at blame

[lgw]

use secure operating systems

Let me know when you find one. All browsers are vulnerable to something. Every OS has privilege excalation exploits and zero-days.

Or were you just thinking "don't use Windows XP"? Yeah, I think everyone gets that now.

so better to put the blame on a single user, who could just as easily have gotten the malware from an ad on a perfectly legitimate site. Fortunately, he was viewing porn (naked bodies entwined together! The most evil threat America has ever faced!) so it's easy to throw him to the wolves.

Paid porn sites have damn good security, and are about the safest place on the web. The problem is the sites that come up when you google for porn (SEO malware sites), plus the ad networks used by free porn sites.

To your point: an ad blocker would probably have prevented this, along with the default behavior of most browsers to block known malware sites.

Re:Single Rogue Host

[cayenne8]

Wanna bet it was Windows based?

Wanna bet that since the person is a civil servant, that even after being caught, will still NOT be able to be fired?

Re:Single Rogue Host

[Opportunist]

Wanna bet that he will be? You need a scapegoat after something like that, after all, and he's neither a politician nor a CEO.

Re:Not the only one at blame

[Bite+The+Pillow]

His manager, who didn't realize thus guy is spending a lot of time not working

The network support, who didn't notice high band with use and try to figure if it was legit

His coworkers who almost certainly knew he wasn't working

Re:I bet

[arth1]

They talk about a blacklist of sites when they should be talking about a whitelist of allowed sites.

While this sounds nice in theory, in practice it is very hard to implement in a way that works and doesn't just hinder work. The people who administer the whitelist are not going to know what is needed for every job function. Nor will they have the capacity to monitor every whitelisted object to ensure that it remains safe. (One of the whitelisted sites might start serving ads proxied through their server - ads which aren't safe.)
And for the users, requesting sites being added to a whitelist as needed can delay entire teams for days on end. What do you mean, we cannot download the schematics for the microcontroller we just discovered a problem with until it's added to a whitelist? And when it delays a high level manager who needs to look at a web site of a potentially new supplier or customer, the whitelist system will be gone.

Re:Not the only one at blame

[geekmux]

The porn-watcher might have been the patient-zero of this outbreak, but I think as much if not more blame needs be laid at the feet of the IT staff that allowed the malware to get as far as it did. Limit user privileges, lock down access ports and use secure operating systems and the damage would not have been as severe; it might only have been limited to that single user's machine.

But that sort of thinking would require a costly revamping of the entire computer infrastructure, so better to put the blame on a single user, who could just as easily have gotten the malware from an ad on a perfectly legitimate site. Fortunately, he was viewing porn (naked bodies entwined together! The most evil threat America has ever faced!) so it's easy to throw him to the wolves.

The porn-watcher might have been the patient-zero of this outbreak, but I think as much if not more blame needs be laid at the feet of the IT staff that allowed the malware to get as far as it did. Limit user privileges, lock down access ports and use secure operating systems and the damage would not have been as severe; it might only have been limited to that single user's machine.

I do agree with you regarding the IT policies that are severely lacking, but I'll believe there was an actual "outbreak" when the evidence presents itself. Neither TFS or TFA really says anything about the extent of this "outbreak" or the true damage that was caused, which tends to turn this entire article into nothing more than sensationalist bullshit. In fact, if you read the actual report, it states quite clearly that a single computer was found to have malware present, and it "exploited the USGS' network." with zero additional detail.

But that sort of thinking would require a costly revamping of the entire computer infrastructure, so better to put the blame on a single user, who could just as easily have gotten the malware from an ad on a perfectly legitimate site. Fortunately, he was viewing porn (naked bodies entwined together! The most evil threat America has ever faced!) so it's easy to throw him to the wolves.

Speaking of sensationalism, let's put aside the Americanized moral arguments here. Porn in the workplace is unprofessional at best and offensive and damaging at worst. That's common sense, and regardless of country. And there's more that just a good chance this infection was caused by that activity given the sheer volume of that activity, so it's hardly innocent activity no matter your moral stance or acceptance of pornography.