Forgot your password?
typodupeerror
EU Security IT

European Parliament Computer Network Breached 47

Posted by CmdrTaco
from the breach-the-breach dept.
Orome1 writes "The computer network of the European Parliament has been targeted by a cyber attack that may or may not be linked to the attack against the European Commission and the External Action Service networks that took place a week ago. According to the Parliament's spokesmen, the attack was still ongoing yesterday morning and information technology services have put in place some security measures — such as blocking access to webmail."
This discussion has been archived. No new comments can be posted.

European Parliament Computer Network Breached

Comments Filter:
  • by jhoegl (638955) on Wednesday March 30, 2011 @10:51AM (#35667434)
    Webmail is one of the worst offenders in getting viruses. My brother works at a company that sells computer equipment and they had so many problems because their sales agents were clicking on all kinds of stupid shit in their personal email accounts.

    I always blocked personal email unless it was expressly allowed, and even then I told the user one issue and its turned off.

    I dont care if these are public officials. They want their public email, get it on their phones or somewhere else! I got shit to secure son!
    • My favorite is the fake UPS invoices. "Hey, we have an invoice from a recent UPS packed that was shipped to you. Click the attachment to see it!"
      • by GregC63 (1564363)
        After being repeatedly warned... I've had 2 users do that just yesterday. Dumbasses...
        • by KhabaLox (1906148)

          So did my boss. Though in his defense he was expecting an email from UPS. Luckily MSSE caught it and neutralized it completely, as far as I can tell. I ran a DDS log which looked clean, and an F-Secure online scan came back with only tracking cookies.

          But shouldn't Win7 and no admin rights go a long ways towards negating these types of malware?

          • But shouldn't Win7 and no admin rights go a long ways towards negating these types of malware?

            That keeps it from rooting the system, but a virus can still run with the user's privileges.

    • by MrLint (519792) on Wednesday March 30, 2011 @11:16AM (#35667758) Journal

      Heres a hint, don't let the user be admins. Then they can't brake out of their account.....

      and yes users are stupid. I had one guy who got a mail from USPS, about his Fedex tracking number on his expressmail delivery. He downloaded and opened and ran a zip file. When I asked him if he was expecting a delivery he said 'I dont know'.

      • This is a good idea from a technical point of view. Until you get a boss that tells you in no uncertain terms ("do it or be fired") that he NEEDS admin access to his box.

        Now multiply that ego by a million and you are at a politician.

        • Re: (Score:2, Insightful)

          by L4t3r4lu5 (1216702)

          That's not how it works. A politician is not your employer, the government is. A politician has no hire-and-fire control over staff outside of politics, even if they have that power at all (which I wouldn't think they do).

          Working in the public sector myself, though not politics, I have no problem telling my employer that they cannot have admin access to their local machine, and certainly not to the domain, unless they sign off that they accept that I am released from any and all responsibility under

          • by Qzukk (229616)

            A politician has no hire-and-fire control over staff outside of politics, even if they have that power at all (which I wouldn't think they do).

            Oh no, of course not, he could never fire you. Of course, it would be a shame if the department's budget was cut to $10. Of course, the politician would probably want to run that by your boss and get his input on the matter, to make sure the right cuts were being made.

          • by KhabaLox (1906148)

            It seems to me there was a government sys admin in San Francisco that stood up to his bosses and ended up in jail. OK, so not exactly the same situation, but still....

      • by AC-x (735297)

        Heres a hint, don't let the user be admins. Then they can't brake out of their account.....

        Except in cases of privilege escalation exploits, and there's plenty of snooping that can be done by a program running under a user's context. I'm pretty sure most large corporate networks have all their non-techy users locked down, but that doesn't mean people can't still hack in through a non-admin account.

        • by MrLint (519792)

          Oh indeed exploits are always an issue. However, at least in the place I work, anyone who wants admin is give it, with the most flimsy of reasons to the most incompetent people. So I just sit and wait for the train wreck.

        • by Culture20 (968837)
          And the userland driveby downloads can sit in the background, schedule themselves to run on boot up/log in, regularly download new exploit attempts (just before patch tuesday), or act as bonnet members for ddoses, etc.
      • by malkavian (9512)

        Deceleration doesn't affect computer security. That aside, users aren't stupid (in the main). They just aren't entirely sure what a computer will or won't do. The same as I'm not quite so sure I could do the job my system users perform (i.e. surgery, anaesthetics, haematology etc.). Part of my job is to make sure they're as safe as they can be in doing their job, while still allowing them to do it.
        There are so many infection vectors (compromised web sites, including the occasional high profile one, webm

    • I'd wonder why webmail access was available in the first place. Isn't there some requirement for auditability of their mail? I mean, they're public servants, isn't that like opening a backdoor for shady deals?

      Aside of that, one of the FIRST things I recommend during a security audit is to disallow any mail traffic but auditable and company owned systems, on all levels. Usually it is trivial to get it done for the lower echelons, but the resistance at C-level is crippling. In other words, yes, we'll do it fo

      • by jhoegl (638955)
        I hope you document their response and have them sign off on it.
        One of the biggest concerns is that their policies can be pushed back on you. As if it is your fault you told them and they didnt listen.
        But yes, I also lock down port 25 for everyone except vital systems.
        • Of course, and of course they sign it off without a problem. Why not? It doesn't threaten their ability to get the certificate they're aiming for (yes, a security cert does NOT certify that you're secure, only that you have evaluated the risks, if you choose to ignore them, so be it), so why shouldn't they sign it off? It IS very funny sometimes, though, to read how they justify their "need" for webmail or access to certain pages (e.g. facebook) that MUST NOT be accessed by anyone else in the company for th

      • by Teun (17872)
        Members of the European Parliament are elected representatives from 27 different countries, each with their parties and own mail systems.

        The Parliaments own mail system likely only handles a fraction of the total mail.

    • The article isn't very clear but, having worked there, webmail would probably refer to Outlook Web Access...
    • This is all beginning to look like the cyber wars in David Brin's "Earth". I think I'll take that one off the shelf again, deserves a re-read.
  • by Ancantus (1926920) on Wednesday March 30, 2011 @10:53AM (#35667462) Homepage Journal

    'This is not a couple of teenage boys hacking into the [EU] institutions,' said an official.

    But it could be the work of a person with the skills of 1,000 hackers [slashdot.org].

    • Re:Hacker Skill (Score:4, Insightful)

      by fuzzyfuzzyfungus (1223518) on Wednesday March 30, 2011 @10:55AM (#35667498) Journal
      Yup. It would be embarrassing if it were a couple of teenagers breaking in, therefore it is not a couple of teenagers breaking in.

      Perhaps it is the same mysterious "Advanced Persistent Threat" that hit RSA a little while ago...
    • (apologies to Wilson Pickett)

      Got to hit the IP like Tim Berners-Lee.
      Mash the keyboard, set up the d-words.
      See if its a MIPS, get to backbone from SLIP
      Find the SSH key like the great Trinity
      Hey! Uh!

      Na na-na-na-na na-na-na-na-na-na-na-na-na-na na-na-na-na
      I need somebody to help me type it one time
      (Na na-na-na-na na-na-na-na-na-na-na-na-na-na na-na-na-na)
      Wo--ow!

  • I'd venture a guess that a lot of the secretaries are on coupon websites. Downloading and allowing god knows what to run.

  • by Anonymous Coward
    I hope whoever did this grabbed all documents they could find and will be putting them on WikiLeaks or whatever. This is the only way we'll ever see any kind of transparency in EU goverment.
  • by Anonymous Coward

    I cant believe all the half ass comments here for a tech discussion. This is going on with a broader spectrum. Shame on /. and shame on this userbase. Amazing how some are unwilling to connect the dots, and submit good journalism / editorials.

    here an example: http://www.wired.com/threatlevel/2011/03/australian-pm-hacked/

    br- an old reader

  • I can't trace the source of this news. TFA mentions "an official", but who and where are a mystery. The websites of the EP and the EC make no mention of this.

Whoever dies with the most toys wins.

Working...