Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security Government

Kneber Botnet Strikes, Targets Gov't Agencies 102

Batblue writes "A botnet fingered for stealing a treasure trove of information last year has struck again, harvesting sensitive documents from dozens of government agencies and contractors, according to a pair of security experts. The botnet, dubbed 'Kneber' by Alex Cox, principal research analyst at NetWitness, was behind a campaign of fake Christmas e-mails waged two weeks ago against government workers. NetWitness deals in advanced threat detection technologies, and conducts post mortem network forensics for firms that have been hit with attacks or data breaches."
This discussion has been archived. No new comments can be posted.

Kneber Botnet Strikes, Targets Gov't Agencies

Comments Filter:
  • The botnet, dubbed "Kneber" by Alex Cox, principal research analyst at NetWitness, was behind a campaign of fake Christmas e-mails waged two weeks ago against government workers.

    I'm pretty sure they are saying the Botnet was behind a campaign of fake Christmas emails waged two weeks ago, but when you feel the need to interject information twice with commas it gets confusing.

    At first glance I thought they might be saying Alex Cox, the principal research analyst, was beind a campaign of fake Christmas emails. To which I thought "Well thats odd, why doesn't the summary say he's been arrested an charged then?"

    • by julesh ( 229690 )

      I don't think it's actually ambiguous. I can't see a correct way of parsing it like you did (the only way I get to your interpretation results in an unterminated phrase that begins "the botnet, dubbed Kneber" but doesn't ever get a verb and is therefore invalid), but I can see how it can result in a backtrack, which is somewhat confusing.

      The problem is, we use commas for two different syntactic purposes: to introduce a subordinate clause, and to introduce a parenthetical clause. It's use for both here. I

      • by blueg3 ( 192743 )

        Alternately:

        The botnet, which was behind ..., was dubbed "Kneber" by Alan Cox, principal ...

        The sentence used in the original isn't technically ambiguous, since there aren't two gramatically-correct readings, but it is confusing, because it's easy to misparse the sentence.

        It'd be even better to split it into two sentences or drop the information about who named it "Kneber".

      • This is probably a good reason to prefer parentheses over commas for parenthetical phrases, but for some reason I've never really understood this tends to be discouraged in formal writing. Rewriting the sentence using this punctuation style, it's perfectly clear:

        The botnet (dubbed "Kneber" by Alex Cox, principal research analyst at NetWitness) was behind a campaign of fake Christmas e-mails waged two weeks ago against government workers.

        Yes, exactly.

        When you are talking to a programmer, and this site is literred with them, we eventually start to view the English language syntactically like we would any programming language.

        Having a subordinate clause inside a parenthetical clause works fine when they don't use the same identifier. Otherwise they appear mismatched or unclosed.

    • ...when you feel the need to interject information twice with commas it gets confusing.

      This one sentence will make your head explode [austlii.edu.au].

      • ...when you feel the need to interject information twice with commas it gets confusing.

        This one sentence will make your head explode [austlii.edu.au].

        Do something the Queen doesn't like and suffer the consequences ?

        • No, the "something" and consequences are quite specific, and it's not just Mrs Betty Windsor (if it helps, she doesn't like being called that, but I'm in no danger of being arrested for just typing it). The shortest summary I can think of is five words, or three and a number.

    • by mcgrew ( 92797 ) *

      Taco and batblue are nerds, not writers. Not that one can't be both...

  • Too early to dupe (Score:5, Informative)

    by Desler ( 1608317 ) on Thursday January 06, 2011 @12:25PM (#34778772)

    Isn't a bit early to already dupe [slashdot.org] this story? You're supposed to wait at least a week or two before duping something, Taco.

    • by Monkeedude1212 ( 1560403 ) on Thursday January 06, 2011 @12:27PM (#34778820) Journal

      You're supposed to wait at least a week or two before duping something, Taco.

      You know the site is going downhill when the editors can't even follow the proper rules for duping articles.

    • How do you moderate the story as -1 Redundant.

      Maybe this one's not a dupe, the last one was a Precognition!

  • by Lifyre ( 960576 ) on Thursday January 06, 2011 @12:34PM (#34778942)

    This just in! The weakest link in the information security chain is the user! More at Eleven!

  • Yes, the same people that run our government are the same noobs who click fake eCards and run random .exe files attached to emails. Can ANYONE still wonder why our government is so screwed up, especially when it comes to technology and the laws/policies surrounding it?
    • by Anonymous Coward on Thursday January 06, 2011 @12:51PM (#34779296)

      While I agree in part with your sentiment, the government employee pool is one and the same with the private sector pool. Target this attack to a private sector company and I'd bet similar results would occur.

      • by Nadaka ( 224565 )

        I had a coworker that read an article on this and entered the example malicious url into her browser, a few minutes later IT came in and took her laptop away. She is the lead of our QC department. So yes, even smart and capable people do dumb things occasionally.

    • That's because our culture is bitterly anti-knowledge. Our masses enjoy shiny objects, but not being bothered with how they work.

      Our government will remain fucked up because most of our people deserve that.

    • Yes, the same people that run our government are the same noobs who click fake eCards and run random .exe files attached to emails.

      Yes, because the people that run our government are human. There exists no way to select superhumans to give power to nor any way to arrange for those who acquire power to become superhuman. People with political power suffer from all the failings and foibles of those without [1], which is why we should be wary of giving anyone power no matter how persuasive the argument for d

      • by yuna49 ( 905461 )

        The way to solve this problem is not to deliver infected emails in the first place. After all these years of development of systems for scanning email, no one should be getting infected attachments. I don't blame the endusers, but the IT staffs that fail to protect their users, and their organizations, from obvious threats.

      • People do not abuse political power because they are inhuman: quite the contrary.

        Very well said.

        It's interesting when an individual's humanity is questioned in response to their heinous actions.. such as a comment I heard spoken to a reporter who was garnering local feelings on the Egyptian Christian church bombing that happened recently.

        The woman being interviewed said something to the effect that '[the terrorist bombers] aren't human, they're just animals'.

        Although I wouldn't say our species is worthless, personally I find it a bit shameful that we (still) collectively consider oursel

    • by tibman ( 623933 )

      A lot of people don't really know what they are talking about. In my organization everyone is required to take annual training about these things.. even if you aren't important. Here is the anti-fishing training: http://iase.disa.mil/eta/phishing/Phishing/launchPage.htm [disa.mil]

      You have to complete that training and print a certificate annually or you lose access to the network. The government does take these things seriously. It's a small percentage of individuals who aren't paying attention to the training or

  • I really have to ask this, but why the fuck do governments run any iteration of windows? seriously there are more secure OS's out there that than cope with anything the Gov needs, OSX, Linux, BSD. I've notice that in the world of operating systems, you get more the less u pay :D
    • The same reasons companies still use Windows, vendor specific software that requires windows to run.
    • Because Microsoft pays taxes... ...no? They don't? Oh. Then it's because Microsoft employs a lot of people who pay taxes... ...no? They send a lot of work overseas? Then it's because Microsoft uses lobbyists and other forms of influence peddling/meddling to keep government addicted to windows and microsoft products.

    • Because in the end, it all comes down to $. Even though the product costs less (or is free in the case of Linux or something equally open-source) the man hours and cost of retraining an entire company, or the entire government in this case, would far outweigh the ease of just continuing the use Windows and getting to click on "OMGTHESEPICSOFYOUARESOFUNNY.EXE" every once in a while.
    • by Anonymous Coward

      A UID of less than a million....aren't you over karma whoring?

      If you really are serious about what you said, you need to turn in your geek card

      • by mcgrew ( 92797 ) *

        Bashing Microsoft is by no means karma whoring, and in fact may harm your karma. Hell, I've been modded troll and flamebait for daring to ask why anybody would buy anything from Sony after XCP and the linux removal gaffe, and Sony is far more evil than MS.

        Lots of folks in Redmond get mod points. Bashing MS (or any company, sadly) is quite dangerous to your karma.

    • by tibman ( 623933 )

      It doesn't just start with the gov though. You should also ask why universities teach mostly windows software and OSs. C# is taught over C++/Java/PHP/Python/whatever. Education is based on the windows platform.

      • It doesn't just start with the gov though. You should also ask why universities teach mostly windows software and OSs. C# is taught over C++/Java/PHP/Python/whatever. Education is based on the windows platform.

        Honestly, during my university education in computer science I haven't once been taught a Microsoft language. On the contrary, since my earliest intro classes I've been required to code in a Linux environment (my intro to C class even required me to code in either Vim or Emacs!). The languages I've been required to use are as follows: C, C++, Python, Java, SML, Perl, and Shell, all in a Linux environment.

        In fact, the UNIX environment is emphasized so heavily at my university that in my free time I learned

  • by MacGyver2210 ( 1053110 ) on Thursday January 06, 2011 @02:55PM (#34781506)

    Further evidence that computer security is a myth.

    Your ability to protect information from unauthorized consumption will always be inversely proportional to the desire of determined individuals to know that information.

    If you really want to protect files, keep them unconnected to the internet. The only way to win is not to play.

Keep up the good work! But please don't ask me to help.

Working...