12.03.08
US Army Becomes Zombies Army; London Hospitals Still Ill (Windows Viruses)
Back doors no longer a great idea?
“It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks. Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere.”
–Jim Allchin, Microsoft
(In relation to the issue of sharing technical API and
protocol information used throughout Microsoft products)
In a society that is increasongly digital, even people’s physical security depends on software. So how about this breaking news?
Computer Virus Hits U.S. Military Base in Afghanistan?
The largest U.S. military base in Afghanistan was hit by a computer virus earlier this month that affected nearly three quarters of the computers on the base, U.S. News has learned.
It’s reported that 75% of the machines are infected, which is more than the usual 40%.
Carla Schroder nonchalantly wrote:
Ever notice how Microsoft plasters the Windows name on everything it can reach? Splash screens, stickers on computers, and advertising everywhere. There is no escaping it. Except when it’s yet another malware outbreak– then all the news organizations go inexplicably deaf, dumb, and blind, as this latest story demonstrates:
Virus hits nearly 75% of systems on Afghanistan military base.Is it serious? Well….
“…the intrusion was severe enough to raise the INFOCON status, the information security equivalent of the DEFCON alert, and also necessitate the briefing of the president.”
And yet nobody is yelling “Why the heck are they using Windows?”
But it’s not just the military where it is a matter of life and death. London’s hospitals too are under siege by Windows viruses over two weeks after the plague had been initially reported and the system taken down. Here is the report from The Register.
Computer systems at three London hospitals are almost back to normal two weeks after a computer virus forced staff to shut down its network.
[...]
In an updated statement, posted on Friday, the Trust said 97 per cent of its 5,000 computers have now been scanned and confirmed to be free of malware. The remaining PCs should be back online soon.
IDG covered this too.
Around 5,000 PCs at St Bartholomew’s, the Royal London Hospital and The London Chest Hospital were hit in mid-November by an infection of Mytob, a worm that e-mails itself to other PCs and can be used to put other malicious software on a machine.
About 97 percent of those PCs are now clear of Mytob, according to a statement issued Friday. The remaining PCs, which are located in non-clinical areas, should soon come back online.
How much did it cost to repair these PCs? How many hours were needlessly spent by nervous staff? How much data was stolen? How many ill people received no treatment? How come nobody is reported to have been sacked for this fiasco, which is akin to the one in LSE? Next time you visit the hospital, bring a Live CD.
Also in the news so far this week:
1. Worm Spawns Huge New Botnet
The worm exploiting a critical Windows bug that Microsoft Corp. patched with an emergency fix in late October is being used to build a new botnet, a security researcher said Monday.
Ivan Macalintal, a senior research engineer with Trend Micro Inc. , said that the worm, which his company has dubbed “Downad.a” — it’s called “Conficker.a” by Microsoft and “Downadup” by Symantec Corp. — is a key component in a new botnet that criminals are creating.
2. McDonalds survey scam is super-size fraud
Phishing fraudsters are attempting to scam the credulous into handing over their credit card details on the basis of a supposed offer from McDonalds.
According to an alert from the security firm, the hoax message, which has been received by a number of Orkut users and is written in Portuguese, looks like it comes from a lonely Orkut member looking for love and features a number of links which appear to link back to the social-networking site.
4. Malware is Getting Smarter, CA Warns
Online attacks will be dominated by smarter malware and bots targeting Web users ranging from gamers and social network users to the elderly and unsuspecting parents.
This is according to IT management software company CA, maker of the CA Internet Security Suite, which was recently updated to the Plus 2009 version.
Computers used to be fun. They are still fun… for cybercriminals. █
Highlight: Novell was the first to acknowledge that Microsoft FUD tactics had substance. Novell then used anti-Linux FUD to market itself. 
Highlight: Xandros let Microsoft make patent claims and brag about (paid-for) OOXML support. 
Highlight: Linspire's CEO not only fell into Microsoft arms, but he also assisted the company's attack on GNU/Linux. 
Highlight: Microsoft craves pseudo (proprietary) standards and gets its way using proxies and influence which it buys. 
Highlight: The invasion into the open source world is intended to leave Linux companies neglected, due to financial incentives from Microsoft. 
Analysis: Xen, an open source hypervisor, possibly fell victim to Microsoft's aggressive (and stealthy) acquisition-by-proxy strategy.
Needs Sunlight said,
December 3, 2008 at 3:44 pm
“Our products just aren’t engineered for security.”
http://www.infoworld.com/articles/hn/xml/02/09/05/020905hnmssecure.html
And given the number and age of remote vulnerabilities that affect vista on back to 2000, the same can be said today…
There was a choice quote from the anti trust trials in the US about the MS code being so bad that it was a danger to national security… then MS turned around and gave what it claimed ot be the same code to China. Perjury or treason, no middle ground…
Roy Schestowitz said,
December 3, 2008 at 3:50 pm
That quote from BrianV has just slipped into my quotes file. Thanks for that.