FBI, US Marshals Hit By Virus 156
Norsefire writes "The FBI and US Marshals were forced to shut down part of their computer network after being hit by a 'mystery virus.' FBI spokesman Mike Kortan said, 'We are evaluating a network issue on our external, unclassified network that's affecting several government agencies.' Nikki Credic, spokeswoman for the US Marshals, said that no data has been compromised but the type of virus and its origin is unknown."
Linux... (Score:1, Insightful)
Bold claim (Score:5, Insightful)
"said that no data has been compromised but the type of virus and its origin is unknown."
How do they know that there was no data compromised if they don't even know the type of the virus?
Re:Bold claim (Score:2, Insightful)
Perhaps the network is reasonably self contained?
The article says they shut down internet access, but it doesn't really make it clear if the computers in question have any connection to the internet or not.
Typical Bold Claim, Scenario A14 (Score:5, Insightful)
Re:They should use macs (Score:3, Insightful)
Correct, zero is a tad less than ~ninety-three thousand.
Considering that UNIX-like systems are ubiquitous in the server world (and OS X is a UNIX-variant), that is a really lame argument.
[citation needed]
Re:They should use macs (Score:3, Insightful)
This should be modded up.
Generally, I also recommend Mac for brain-dead users whose computers I don't want to fix every 3 days. There is simply less chance of such problems... randomly. Most exploits target Windows and MSIE, simple as that. But that is only GENERALLY...randomly...blindly.
More and more, we are seeing targeted attacks. The targetted attack is most successful when the contents of the network are known. So get one machine compromised (advanced scout), survey the network to see what's out there, then plan the real attack. There are abundant attacks for Mac and even Linux. In the event of targeted attacks, all bets are off. "Reputation" for security only serves the attacker because the defences of the machines will likely be lower on those machines considered "more secure."
Linux is not the ultimate in security (Score:1, Insightful)
Well, maybe some hardened versions but not the run of the mill version.
If you want hardened computing, you want:
*A hardened network, with hardened human access
*A hardened computer, with hardened human access
*A hardened OS or one that comes pre-hardened by design. SELinux, OpenBSD, some specialty flavors of MS-Windows, some small/embeded-systems OSes, some Unix-style OSes, and some mainframe-type OSes qualify
*Hardened sofware all the way around
*People who are trained in security in general and trained how to use the computer properly and how to spot people who are trying to compromise it or the network
Do you really want hardened computing?
Re:Linux... (Score:3, Insightful)
They rather get infected every now and then. After all it's your money they are spending.
Re:Linux... (Score:3, Insightful)
Sure, Linux is vulnerable but it isn't targeted, the diversity in distros, kernel versions, browsers, etc. help keep the target moving.
1. If the Government switches to Linux, there will not be a diversity in distros, kernel versions, browsers, etc.
2. Assume that, like the current windows installation, there will be gaping security holes due to mismanagement and misconfiguration.
3. The US government is an awfully big target and if they switch, you will see significant, concentrated effort on exploiting whatever distro and apps the Feds chooses.
Re:Linux... (Score:4, Insightful)
Step 2: Choose a better open-source alternative notorious for its security and stability
Step 3: close the source
Re:Bold claim (Score:3, Insightful)
Re:They should use macs (Score:5, Insightful)
Also, most mac users think and they're told that theres no malware and they're secure, so they have the mentality of "nothing can hit me" and even tho theres a few mac av's, almost noone runs them.
Hell, there's botnets running inside _routers_. What makes it think that mac is somehow some bulletproof solution. You dont need root to send spam or ddos either.
Mac is also a standardized os, so its a lot easier to make malware for it than the tons of different linux os's. And its already true, but because of this mentality Apple and Mac users have given to everyone, they think they're safe. It's really stupid from Apple's part, because the problem keeps just rising and one day it gets hit badly and no one has prepared because of their assumptions.
Re:They should use macs (Score:5, Insightful)
Re:Linux... (Score:5, Insightful)
Step 4: watch a lower ranking employee click on the HappyFunTime executable in their mail
Step 5: Priceless.
Sure some mysterious virus. (Score:2, Insightful)
Re:They should use macs (Score:3, Insightful)
Every example in your list is a social engineering trojan. They all require the user to literally INSTALL the malware and enter their admin password to do it. No system can defend against that. There are proof of concept viruses and worms on the Mac, but pretty much everything in wild is a trojan and requires significant user intervention to work. That's hardly fair. Of course stupid Mac users are still stupid users. That doesn't make the system itself less secure. I'm not one of the "OMG, it's completely secure!" fanbois. There are definitely holes in OS X, and Apple has not always been quick to fix them. The fact remains, however, that their are virtually no Mac viruses or worms in the wild (for the proper, security profession, definitions of "virus" or "worm").
Re:How do they know ? (Score:3, Insightful)
Well exactly. What their spokeperson says doesn't necessarily have any correlation to what their head of IT thinks.
The spokesperson's job is to put the best spin on things. Saying "We lost loads of public data" would not be doing their job well.
Re:Maybe they recently bought some new computers? (Score:1, Insightful)
If they aren't dropping their own image on new computers they get, there's something wrong with their IT department.
Re:Bold claim (Score:2, Insightful)
Re:They should use macs (Score:3, Insightful)
While I agree with the general principle that *nix OSes (including Macs) are more secure than Windows, viruses are just as possible on other operating systems.
That said, the government could save shit-tons in licensing fees by switching to a free OS like Ubuntu, and they wouldn't have to worry about something like this happening nearly so often.