September 24th, 2003, 09:25 PM
Virus strikes State Department
A computer virus has hit the State Department, affecting the performance of the government's information technology system that manages visa approvals.
The virus shut down the State Department's Consular Lookout and Support System (CLASS) on Tuesday, according to published reports from Reuters and the Associated Press. A State Department representative reached Wednesday by CNET News.com would not confirm that the system had crashed but indicated that IT personnel were working on a problem.
The State Department sent a message to employees around the globe on Tuesday, warning that CLASS had been crippled. It was not clear which computer virus infected the system, but the department forwarded to people a warning indicating that the Welchia virus was found at one facility, reports said.
Welchia and the related MSBlast virus target openings in Microsoft's Windows operating system and have been linked to a number of government computer failures. A new report from the Computer and Communications Industry Association asserts that reliance on a single technology, such as Windows, for an overwhelming majority of computer systems threatens the security of the U.S. economy and critical infrastructure.
CLASS has been identified as one of the tools the U.S. government is leaning on to help stem the flow of terrorists and other criminals into the country. According to the State Department, CLASS has been improved over the past two years and now can access more detailed information banks to scrutinize eligibility of potential visa applicants.
Read More at (http://zdnet.com.com/2100-1105_2-508...ag=zdnnfd.main)
AntiOnline Quick Forum Version 2b Click Here
September 25th, 2003, 01:57 AM
If you quoted that you might wanna put it in the tags
[gloworange]And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict\'s veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. \"This is it... this is where I belong...\" I know everyone here... even if I\'ve never met them, never talked to them, may never hear from them again... I know you all...[/gloworange]
September 25th, 2003, 02:03 AM
Umm, that's disapointing. MSblaster and Welcha aren't exactly new. Heck, they've been smeared across the news last month. If this is the case, and these aren't new variants that someone released specially at a Gov't site, then they get a solid "F+" for keeping their systems
September 25th, 2003, 02:12 AM
why would i put it in quotes when i state that its and artice from another page and i include the source? If i wrote it myself i wouldn't include a source. Thanx for the tip, i think.
AntiOnline Quick Forum Version 2b Click Here
September 25th, 2003, 04:16 AM
They might not be keeping their systems uptodate but sometimes i pity the techs working for the govt. Where i am, its either they are overworked or dont have the right tools cos of budget constraints. the other problem could also be management who dont want to be troubled by all this patching and securing cos it makes things more difficult for them to use and to them it wastes their time.
In my place, I have patched the machines with remote deployment tools but running a scan the next day i realised that many machines were still vulnerable cos the users dod not shut down their systems at the end of the day. I spent a couple of days chasing them down to get them to shut down the systems at the end of the work day. This is on top of all the other sutff that i am doing. Its really a pain when you got users who dont bother.
September 25th, 2003, 02:35 PM
You bring up a good point. I'm reading CyberShock by Winn Schwartau right now, can came across some interesting statistics regarding a 1996 study done within the US DoD. The Defense Information Systems Agency, DISA, provided all the newest patches and instructions to hundreds of system admins across their network, then started testing for holes.
Keep in mind this seven years ago, and the US Gov't has taken greater strides to protect it's IS since then. BUT... since 1996 the availablity and sophistacation of cracking tools and methods has increased 10-fold (not to mention the pool of people willing to try them).
1. They attacked approximately 30,000 networks
2. They successfully penetrated and took control of 88% of those networks, despite their efforts to get the admins to protect themselves.
3. Of the successful attacks, network admins only detected or noticed that they were under attack 5% of the time
4. Of the 5% (of the 88%) of the attacks that were detected, only 4% of them were reported to the authorities.
September 25th, 2003, 03:09 PM
I think the Government can do better than that. If this are systems to stem the flow of terrorists and other criminals into the country, then they should be up to date and patched.
Just my thought on things.
- The mind is too beautiful to waste...