back to article US State department rooted by 0-day Word attack

A virus attack aimed at US State Department computers last May penetrated government networks after a worker in Asia opened a contaminated email. The malware inside exploited an unpatched Microsoft Word vulnerability to spread. Some weeks later government investigators discovered multiple instances of infection, informed …


This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Butterfly effect

    Can't speculate on the motivation, if any, but a great illustration of the "Butterfly Effect"... someone opens an infected email, possibly because of being distracted and not thinking clearly, and eventually communications during a critical world event are disrupted... If there ever is an Armageddon, I'm sure it will start this way.

  2. Morely Dotes

    This is the natural result

    ...of purchasing proprietary "black box" software licenses, instead of obtaining free open-source packages and customizing them as required.

    Of course, the second approach would not provide much financial support to the Republican Party's huge corporate owner, Microsoft. It would, however, give ownership of the security to the US government. As things are right now, Microsoft owns whatever security exists - and Microsoft is completely in charge of whatever security *problems* exist.

    Also, creating an "official US government distribution" of a free open-source operating system and business software package would mean long-term employment of a few American citizens, as it would be unthinkable to outsource software programming of this sort of thing.

    Say, isn't some of the code for Microsoft Office developed in East Asia? Makes one wonder...

  3. Stuart Morrison

    Sophisticated != Government Sponsored

    "But external security experts speculate that the sophistication of the attack suggests foreign government might have been involved"

    Riiiiighhhtttt. Because the US government (and who knows how many others) are soooo sophisticated that they trust their departmental integrity (and the security of their nation) to the most egregious malware-magnet known to man.

    At least they are not 'sophisticated' enough to consider running their warships on that sort of software because.. oh.. er.. nevermind.

  4. D Crunkilton

    "China asks to control mouse and keyboard"

    Something about the way an earlier (year ago) version of MEPIS (when it was derived from Debian) was set up occassionally gave me a system pop-up message about a remote computer wanting to connect to mine. It basically said that a particular numerical URL wanted permission to take control of my keyboard and mouse. This would happen every week or two while connected to the internet with a phone line modem. I never saw this using a cable connection.

    I always declined the invitation to loan out my keyboard and mouse. Though I did note the URL a couple of times. It traced to China. I sent a complaint a couple of times to them.

  5. Anonymous Coward
    Anonymous Coward

    From another perspective

    Morely Dotes: I made a few phone calls to some guys I know since I saw your post, and we've just knocked up just such an OS.

    It's called SELinux, (Security Enhanced Linux), its written by America's NSA (the dudes with the black helicoptors).

  6. Goldie

    Black helis are not at Redmond

    ..., DoJ says.

This topic is closed for new posts.

Other stories you might like