FBI, US Marshals Hit By Virus
Norsefire writes "The FBI and US Marshals were forced to shut down part of their computer network after being hit by a 'mystery virus.' FBI spokesman Mike Kortan said, 'We are evaluating a network issue on our external, unclassified network that's affecting several government agencies.' Nikki Credic, spokeswoman for the US Marshals, said that no data has been compromised but the type of virus and its origin is unknown."
Maybe they recently bought some new computers? (Score:3, Informative)
http://www.itbusiness.ca/it/client/en/home/news.asp?id=53225 [itbusiness.ca]
Re:They should use macs (Score:3, Informative)
Mac is in no way less vulnerable than Windows, especially in targeted attacks. It seems most people have been brainwashed quite well. Yes, the amount of malware for Macs is lower than Windows, but so is the Mac userbase. However there are many OSX malware circumventing already and it seems to be just going up.
And no, not all malware requires root to run. They can easily run under your user account as well and still steal lots of data, passwords and keylog etc. If they require root, then a social engineering attack will get past most users as they happily enter their root password.
Re:They should use macs (Score:4, Informative)
That's a mighty low [bbc.co.uk] estimate.
Re:They should use macs (Score:4, Informative)
http://news.cnet.com/8301-13579_3-9808489-37.html [cnet.com]
http://www.tuaw.com/2008/11/21/new-mac-os-x-malware-osx_lamzev-a/ [tuaw.com]
http://www.f-secure.com/v-descs/trojan_osx_dnschanger.shtml [f-secure.com]
http://www.f-secure.com/v-descs/inqtana_a.shtml [f-secure.com]
http://blogs.zdnet.com/security/?p=2418 [zdnet.com]
to begin with a few.
Re:They should use macs (Score:4, Informative)
The reason Windows systems are more vulnerable than Unix-like OSes is because in Windows, the default status of the computer is that the end user is running an administrator-type account, with full privileges to install new system software and replace drivers. In a properly administered Unix system, only a few root-level processes are running, and the logged-in user does _not_ constantly have access to such privileges except when they are specifically requested by the user, and only then within the process that the end user specifically escalated privileges on. This leaves social engineering as the only real means by which a Unix-type machine is liable to be compromised, and avoiding that is also a matter of maintaining established sound system-administration practices.
Of course, maintaining such practices on Windows systems would cause a significant (HUGE, even) drop in viruses on that platform as well (possibly even to the point that a resident virus scanner could be considered wasteful, and regular on-demand checks for compromises alone would likely be adequate). However, most Windows users simply are not interested in learning how to be sysadmins, so the problem remains.
Re:Bold claim (Score:3, Informative)
The FBI isn't a spy agency...
Actually, they are. The FBI is largely responsible for intelligence gathering and counter-intelligence within the US.
http://en.wikipedia.org/wiki/Federal_Bureau_of_Investigation [wikipedia.org]
Re:Linux... (Score:3, Informative)
SELinux Background
Researchers in the National Information Assurance Research Laboratory of the National Security Agency (NSA) worked with Secure Computing Corporation (SCC) to develop a strong, flexible mandatory access control architecture based on Type Enforcement, a mechanism first developed for the LOCK system. The NSA and SCC developed two Mach-based prototypes of the architecture: DTMach and DTOS. The NSA and SCC then worked with the University of Utah's Flux research group to transfer the architecture to the Fluke research operating system. During this transfer, the architecture was enhanced to provide better support for dynamic security policies. This enhanced architecture was named Flask. The NSA integrated the Flask architecture into the Linux® operating system to transfer the technology to a larger developer and user community. The architecture has been subsequently mainstreamed into Linux and ported to several other systems, including the Solaris™ operating system, the FreeBSD® operating system, and the Darwin kernel, spawning a wide range of related work.