March 7th, 2003, 01:43 PM
Race to patch hole in millions of e-mail servers
The race is on to patch a security hole on millions of e-mail computer servers. The concern: The flaw could be exploited by hackers to potentially disrupt America's infrastructure as war looms with Iraq.
The hole was found by security firm Internet Security Systems (ISS) in December. Though no attacks have occurred, a hacker could tap into the Internet's most widely used e-mail-server program, Sendmail, and block, steal or erase e-mail.
Government officials worry that a cyberterrorist could gain control of tens of thousands of computers and launch waves of frivolous e-mail, which could slow networks or render them useless.
That could disrupt business communications at a time when companies are increasingly supplying the military.
"There are a lot of interdependencies when you go to war, and the Internet is what ties a lot of this together," says Marcus Sachs, communications infrastructure director for the White House Office of Cyberspace Security. "We need to get everyone as ready as the Defense Department to defend our critical networks."
ISS has worked with the Department of Homeland Security to coordinate a plan to widely implement an available patch. Computer security officials attending a security conference here hope that will be a model for handling other future threats.
While the Defense Department and other key government agencies are protected, it could take months to patch computers in companies and academia. They could be used to launch a worm that locates vulnerable Sendmail machines.
Last Friday, the Department of Homeland Security notified federal agencies about the Sendmail flaw to give them a head start in making fixes. Monday, ISS publicly announced it and released the patch.
With the flaw in the open, the challenge now is to get Sendmail computers patched worldwide.
ISS estimates Sendmail runs on at least 2 million computers. They are the hefty Unix and Linux computer servers, as well as other computers at key locations that direct Internet traffic.
"This one (vulnerability) stands out because Sendmail is ... installed on some of our most powerful machines," says Alan Paller, director of research for the SANS Institute, a cybersecurity think tank.
In the past, companies have been slow to patch holes. The Code Red virus that caused billions of dollars of damage in 2001 exploited a flaw even though a patch had been available for months.
More recently, the SQL Slammer worm briefly knocked out some airline reservation systems and bank ATMs. It exploited a known hole in Microsoft's SQL server database software for which Microsoft issued a patch six months earlier.
SQL Slammer also infected more than 200,000 computers worldwide — within 10 minutes. Previously, experts had only theorized about a fast-spreading virus that could knock down the Internet in 15 minutes. Slammer is viewed as the first of a so-called Warhol virus, named for artist Andy Warhol. He coined the phrase "15 minutes of fame."
Computer security experts worry a hacker could devise a Slammerlike virus and spread it through Sendmail. The way to reduce that risk is to patch as many machines as fast as possible.
"The U.S. is an excellent target for a mass cyberattack," says Stephen Northcutt, a SANS Institute instructor. "It's an inexpensive way for a poor nation to carry the fight to U.S. soil."
Crazy how stuff happens? I believe the Government's worry is that some hacker will use the e-mail hole to go in and start intercepting e-mail, deleting accounts and whatnot. Even with this hole, the hacker could slow the DoD's server and cause the thing to crash or data to go corrupt.
If at first you don't succeed, call it Version 1.0
March 8th, 2003, 02:23 AM
I personally think the government is worried about a lot more than crackers getting access to a few e-mail accounts. They've always got backups if some messages get deleted, but once a cracker has his foot in the front door, the rest of your network (including those servers with sensitive and FOUO data) is significantly more vulnerable. That's where the true danger lies.
By the way, it generally helps to reference your source.
March 8th, 2003, 02:49 PM
I got the information from my friend Peter via e-mail. I don't know where he got it, and I never claimed I wrote it.
If at first you don't succeed, call it Version 1.0
March 8th, 2003, 03:11 PM
personally, i believe that the US government has their own "secret" computer system/networks.
by having this secret network the government is able to stop worrying about hackers and network redundancy. but, it makes you wonder whether they do, or if they don't, why don't they.
it doesn't have to be connected to the net, that is where most hacking attacks come from. all it would serve as is a communications network that is almost impossible to hack. i say almost cause there's no such thing as a sure thing.
hmm, and maybe they are just too stupid to think of it yet
- Trying is the first step towards failure. the moral is never try.
- It's like something out of that twilighty show about that zone.
----Homer J Simpson----
March 8th, 2003, 03:16 PM
The US government does have a secret network that isn't "supposed" to be attached to the rest of the internet. But there's lots of stuff floating around on their regular network that is highly sensitive.
Oh, and NMS, no one accused you of claiming it was yours. CE was just letting you know that people around here take copyright issues very seriously. It's generally a good idea to do a little footwork so you can quote your source and everyone wins.