FBI & US Marshals Malware Infection
Here is the text from an article posted by the SANS Institute…
“GOVERNMENT SYSTEMS AND HOMELAND SECURITY –Malware Infects Computers at US Marshals Service and FBI (May 21, 2009) Part of the computer system at the US Marshals Service was shut down Thursday morning after malware was detected. The decision was made to shut down Internet access and some email service to prevent the spread of the malware while the infection is being cleared up. No data have been compromised. The agency was running Windows-based systems that had anti-malware software installed, but the software had not been updated in more than three years despite the agency having paid for upgrades that would have protected against the malware. In addition, the Windows Operating Systems did not have the relevant patches applied that would have prevented the malware from infecting the machines.”
Yes, even our own government agencies fail to apply the security patches and software updates that are the most effective way to prevent infection. They had even purchased the licenses, but hadn’t taken the time to apply the updates in more than 3 years. This is why, when Verizon did their data breach study not too long ago, they found that nearly all of the vulnerabilities that were exploited had patches available at the time of the breach, and in nearly all cases the patches had been available for many months.
Being secure is less and less about the available technology and more about the policies and procedures that keep what you have up to date. Technology is only as good as the overall security program that enables it through human management and upkeep.
http://www.msnbc.msn.com/id/30873876/
http://www.networkworld.com/news/2009/052109-marshall-malware.html?hpg1=bn
http://www.foxnews.com/story/0,2933,521040,00.html


