Ongoing malware problems at the Ministry of Defence have left some officials and service personnel still without desktop computing, a fortnight after infections began. However, the MoD insists that media reports of its email being sent to Russia are untrue. MoD officials confirmed to the Register this morning that some ministry …
what do you expect?
The teams that run MOM etc and Netcool that checks the MOD networks (F and C, so that's Infrastructure Monitoring on F and the RMC on C) for viruses and stability are inept at best; they are hired from a help desk and as such have no real IT skills whatsoever.
If they had done their jobs properly then maybe this would have been contained at its entry point and no harm done.
Shockingly bad form, Fujitsu.
Just goes to show as long as there is a human factor nowt is safe.
..Wonder why they call them Virus? Really a program.. Could call windows a virus hehehehehe
Well what the fuck did you expect from Windows?
Any sane person would suggest this is a wake up call and time to get that Windows crap wiped off these systems, and some verifiably trustworthy open source OS and applications installed instead. But no doubt they'll just buy some more system crippling anti-virus parasitic-ware to dump on top of the Microsoft insecure bloat-ware.
Who needs enemies?
Having just ranted on elsewhere about Banks being a bit clueless on finance - here we have the MOD a bit clueless on defence.
That's presuming it is our virus of the month and they are running bog standard Windows. I mean any security expert should know that any Microsoft published security fix will be exploited within days and systems open to the outside (net, floppy, stick ...) have to be updated faster. Looks PC like they didn't.
Even then standard security thinking should not have all one's eggs in one basket. Use Windoze if you must. But a mix of other OSs may put a little on the overheads (but saving on licencing?) will limit any failure to manageable proportions - even if it means the top brass having to share a PC with an oik.
The mind boggles at some of their thinking. Especially, if like me, you have tried to sell them solutions (never mind the quality, feel the cost). Yet still stuff seems to come out costing us more than it should.
I wonder what's really going on
I see no reason to believe everything the MoD puts out for public consumption, but no reason to assume they are all lying bastards either.
"The MoD also stated that no command or operational systems [...] had fallen victim to the infection."
Let's hope that bit is true. It certainly *ought* to be the case that there are barriers between such systems and the outside world.
Let's also hope that the present debacle is sufficiently scary for all the decision makers that these barriers are strengthened by future purchasing decisions rather than weakened. This isn't an argument against COTS systems within the MoD but it is certainly a reminder that they aren't as cheap as they look once you have factored in the expense of mitigating their associated risks.
Goes to show
If the viruses aren't forwarding all the email to overseas, hostile forces, it is simply because the virus writers, in this case, simply did not have the foresight to make it do so, and were not working for those overseas forces. I certainly see nothing about the configurability of the Conficker worm to stop it being modified to do so, even if a bit of port-forwarding was needed, to get around whatever meagre firewalls these MoD sites do have running.
Also, if the Chinese military really DOESN'T employ teams of black hats to penetration-test MoD systems, they'd be mad not to start doing so. You don't have to be looking for UFOs, to find vested interest in subverting the computer systems of an overseas military - even one you're not overtly hostile to! The notion that any such intrusions would be detected - at least at first-point-of-attack - appears to be refuted by this evidence.
Windows @ the MOD
There is a major problem that I can see in the use of Windows systems to "cut costs"; namely the replacement of technically competent, experienced network administrators with newly minted MCSE "Numpty tick box" administrators.
Yes, a numpty will cost you less to employ initially, but won't half empty your pockets in the long run.
"system crippling anti-virus parasitic-ware to dump on top of the Microsoft insecure bloat-ware."
Perfectly put Sir, Norton/Symantec/AVG/McAfee are probably responsible for half the CO₂ production on the planet*. Think of all those zillions of PCs running the above cripple-ware, on-demand, then spending 5 or 6 hours a day doing a full file system scan.
* If a Google search does, what's the cost of Norton/Symantec/AVG/McAfee - anyone care to do a study?
"as many as three-quarters of the Royal Navy's warships"
How many ships is that? Aren't we down to the low 20s in numbers of surface ships? How is an infection defined? One PC? So that could mean that only 15 machines would need to be infected to get that statistic...
Paris - we are both confused by the numbers...
Now I'm just amused
I didn't read the other comments before posting my previous one. I always get a tickle when I read the pure vitriol people can spout about an operating system. I wonder how many have actually used Windows in a secure environment. It can be surprisingly easy to keep secure if you have end to end control over your environment. And when you don't (like in N*) you keep it completely separate from your secure networks. No firewalls, no routers, no cables.
If it emerged that the MOD was going counter to almost EVERY established fact about computer security there is by doing things like joining networks then they probably deserve this kind of hatred but given that everything is working as it should, and as it probably would in any large company, it seems a bit OTT doesn't it?
Wasn't it the MoD who carpeted the outside of their building with wifi access points to give people a false point of entry? If I remember correctly it was done because they couldn't trust their security guys to do a proper job.
Cap'tn, pirates off the starboard server
Battle stations lads, let's show these scurvy-dogs who's got the best firewall
..skynet should do a good job of flushing out the crap
on second thoughts
Two patches needed
I have been telling Symantec til I'm blue in the face that patch KB960714 is also required to stop the temp IE reinfections.