Slashdot Mirror
Civil Servant Watching Porn At Work Blamed For Government Malware Outbreak (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: A U.S. government network was infected with malware thanks to one employee's "extensive history" of watching porn on his work computer, investigators have found. The audit, carried out by the U.S. Department of the Interior's inspector general, found that a U.S. Geological Survey (USGS) network at the EROS Center, a satellite imaging facility in South Dakota, was infected after an unnamed employee visited thousands of porn pages that contained malware, which downloaded to his laptop and "exploited the USGS' network." Investigators found that many of the porn images were "subsequently saved to an unauthorized USB device and personal Android cell phone," which was connected to the employee's government-issued computer. Investigators found that his Android cell phone "was also infected with malware." The findings were made public in a report earlier this month but buried on the U.S. government's oversight website and went largely unreported.
The jokes write themselves!
The porn-watcher might have been the patient-zero of this outbreak, but I think as much if not more blame needs be laid at the feet of the IT staff that allowed the malware to get as far as it did. Limit user privileges, lock down access ports and use secure operating systems and the damage would not have been as severe; it might only have been limited to that single user's machine.
But that sort of thinking would require a costly revamping of the entire computer infrastructure, so better to put the blame on a single user, who could just as easily have gotten the malware from an ad on a perfectly legitimate site. Fortunately, he was viewing porn (naked bodies entwined together! The most evil threat America has ever faced!) so it's easy to throw him to the wolves.
If you work computer security for any company of decent size, you're gonna discover someone surfing porn. Most times we give folks the benefit of a doubt the 1st time in case it's some porn ad something on an otherwise "okay" site (gray, but not really a policy violation), but once a pattern of porn surfing is discovered, it usually results in someone getting written up, potentially ending with them losing their job.
Don't do this at work. You're not on your personal computer, it could be a shared computer (ewwww), and it's not your network. There's always someone watching to the benefit of the company, not you. It makes for an awful work environment for the people in the office, and can bring in malware. There's a joke I heard, of people clicking on the Yes/Accept/Install buttons ... "do I have porn yet?" [click] "do I have porn yet?" [click]. Lots of malware comes down in the form of a "video codec" or plugin you need to watch the media. It's just awful.
da w00t. mtfnpy?
But this dude apparently thought he worked for the United States Gynecological Survey.
#DeleteChrome
Wanna bet that he will be? You need a scapegoat after something like that, after all, and he's neither a politician nor a CEO.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Wanna bet they used IE 6 on XP to support some gawd-awful "legacy system" built by a low bidder back in the 90's?
I am not your blowing wind, I am the lightning.
There are people out there who watch porn. I don't mean rub one out and close the window. No, they watch for hours and hours. They get addicted. They can't stop. Watching at work? Of course. Alcoholics drink at work, drug addicts are high at work, why wouldn't porn addicts watch porn at work?
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
They talk about a blacklist of sites when they should be talking about a whitelist of allowed sites.
While this sounds nice in theory, in practice it is very hard to implement in a way that works and doesn't just hinder work. The people who administer the whitelist are not going to know what is needed for every job function. Nor will they have the capacity to monitor every whitelisted object to ensure that it remains safe. (One of the whitelisted sites might start serving ads proxied through their server - ads which aren't safe.)
And for the users, requesting sites being added to a whitelist as needed can delay entire teams for days on end. What do you mean, we cannot download the schematics for the microcontroller we just discovered a problem with until it's added to a whitelist? And when it delays a high level manager who needs to look at a web site of a potentially new supplier or customer, the whitelist system will be gone.
I admit its not easy on the front end but you can easily get a good start by logging sites visited for a month and start with that. I've helped with the implementation of a white list at a few businesses and after a month or two its just a matter of maintenance.
Seriously?
My base perspective is...the idiot is getting paid my MY (and yours) tax dollars, and I"m guessing the job description says nothing about surfing porn on the federal dollar?
Are you telling me that someone that did this very same thing in the private sector wouldn't be canned in a new york minute??
Seriously...are you saying you think it is acceptable to surf porn at work?
Sure, better security, that's a given, but you think this person should not be held directly responsible for doing something that EVERYONE knows they are not supposed to do at work on the clock on work computers.
Hell, government computers come with all kinds of warnings the second you try to log onto them, it isn't like anyone on a federal computer wouldn't know this a forbidden thing to do.....
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
Old IT admin here. We had a user that was not only downloading gigs at work to his work laptop, he was also using his processor at 100% for 8 hours a day. When we investigated, he was downloading gigs of regular porn and using his work computer to process them into "3D" like google street view. ALL DAY for weeks until we noticed. Dude got shit canned real fast. Higher ups just wanted to know if it was ALSO anything illegal. Got paid to watch his 3D porn for "research"
Old IT admin here but also knowledgeable about legal frameworks. You shouldn't be investigating anyone for anything illegal, you don't have the knowledge, legal standing or tools for proper forensic examination. If you did find something, the evidence would be declared botched by any first year attorney and a mistrial would be declared, you may even become liable yourself.
If your employer wants to know if your employee did something illegal, get the right people involved to do the right kind of investigation. That means third party or police/government agency.
Custom electronics and digital signage for your business: www.evcircuits.com
With that in mind, let me say that the duly appointed sysadmin or anyone from the IT staff can look at things without it being considered to "taint" evidence, otherwise we'd never be able to convict the sick (and stupid) people who take their computer into Best Buy for repair while leaving a folder full of child pornography.
What I was taught in school, and instructed to do at several jobs (including one internship at the provincial gov't level) was this: Do your job, which may include examining data a user has stored on their work issued equipment. IF you see anything that you think is illegal or even questionable, tell the boss and call the cops. Do not touch the machine any further. Do not even shut it down. The boss will then see to it that physical access to the device is restricted and the police will show up to handle the disconnection from the network and possible shut down. (did you know the police actually have a device that lets them fake a network connection and keep a desktop machine fully powered while driving it across town? I found the bit where they slipped a probe between plug and outlet to seamlessly transfer power source from wall to battery pack particularly fascinating).
The reason for this policy is three fold:
1) A lot of successful prosecutions, especially for illegal porn, rely on happen-stance. A tech stumbling over something, a creep forgets to log out and his wife finds it, whatever. As long as the discoverer can swear in court that they just stumbled across it and did nothing that would alter the data, then the data is still admissible.
2) The police just do NOT have the manpower to handle every "we fired John for surfing porn at work, can you come and check his machine to see if he did anything illegal as well?
3) The report of the discoverer is often the basis for probable cause and issuance of a warrant. If I didn't tell the police I saw something off, they would have no legal basis from which to proceed with an investigation.
One last thought: Even if a guy does surf or create child porn on the work issued equipment, while sufficient for conviction, it may not always be the sole source of such evidence. Any one making illegal porn on a work machine probably has more of it on his personal machine back home as well. (pedos are also notorious for amassing large collections) Thus, even if the evidence I uncover is not enough to convict on its own, it's still enough to justify warrants and investigation to collect more, better quality evidence.
I need a wheelchair van for my son. Help me get the word out. https://www.gofundme.com/wheelchair-van-for-jj