The European Parliament network has fallen under cyber-attack, leading to a suspension of webmail and other security restrictions. The assault, which has led to the suspension of webmail access in Strasbourg, comes after attacks against the European Commission and the External Action Service networks. The Parliament and the …
politicians and "doing the right thing"?
EU means European Union, not European Utopia
Technology != Product
Verified Microkernels? Mandatory Access Control?
Please let me know which one of those actually provides a webmail interface. I'm sure they could get someone like BAe to build them a lovely mil-spec mail system for a few billion euros, given a decade or so (disclaimer: system may not be lovely or functional), but in the short term it is largely impractical to protect a large, complex, distributed system intended for use by totally non-technical people against skilled, intelligent, resourceful attackers.
There's not a system in the world that will protect a bureaucracy against the carelessness and thoughtlessness of users who are more interested in *using* the system than jumping through security hoops. Virtualisation and fancy programming languages will not fix this.
UR-gently calling amanfromMars
>> "...some systems have been spontaneously uninstalling malware from themselves..."
Computers have developed the intelligence to create cargo cults? Who would have gaussed?
So sayeth google translate. Or you could, you know, learn Chinese. You may have to anyway, lest you won't be able to read your own email any longer.
"experts at Microsoft and McAfee are puzzling over the attack"
Well don't hold your breath, they will be puzzling for a very long time. These two companies know almost nothing about effective security.
As another poster said, why don't the EU engaged with European IT professionals and companies for goodness sake?
Re: Security Experts?!
"don't hold your breath"
Indeed, especially in the latter case, since it is now clear that their website has security flaws in it that allow scripting attacks. I've never used them, though they've been popular amongst IT support teams in academic institutions where I've worked.
Be Aware, Red Team Blue Hats and Systems Vulnerability Penetrations BetaTesters at Play
Errr.... has anyone seen a SMART NEUKlearer HyperRadioProActive Robot . I think one has escaped and may have gone over to the tempting dark side for some hot trick action in a perfectly stealthy trojan horse vehicle? ....... http://forums.theregister.co.uk/forum/1/2011/03/31/quantum_dual_robotics/
Many a true word is spoken in jest, Luther B., and if you can do anything, is everything possible, but that is not to say that one does everything whenever anything odd happens.
I'm not sure...
that you really are from Mars.
Another sign ...of successful infiltration
"I'm not sure... that you really are from Mars." .... IMVHO Posted Friday 1st April 2011 08:53 GMT
Thank you for that, IMVHO, ..... it is proof positive of stealth working extremely well.
Pssst! ..... I'd keep those thoughts to yourself, IMVHO, for anyone not knowing what is going on, would maybe think you were surely crazy.
Popular theory? Gadz man looking at the timing.
It's obviously the Iranian working through their Al Quadia front to support their agent in Libya. Why else would it have happened so soon after you guys convinced 0bamma to start bombing him?
Large and complex IT systems to blame?
Indeed. Until you've worked inside a large international organisation, you would be amazed at their internal IT security.
Excluding the webmail problem, which I think that it the least of their problems, there are ways to avoid APT but they require more than security products, they require knowledge of what are you fighting against and specially management support in order to implement drastic changes to the way people work.
And don't be too hasty to point the finger at the fat Eurocrats. Everyone is concerned by this, the only issue is to make them aware of it.
Common theme going on here...
I think there have been similar attacks on other international agencies - the webmail access at the World Bank was also taken down for a while after a cyber-attack (reportedly).
They use Lotus Notes, but for external consultants the webmail interface was the only option. When webmail access was discontinued, they sent out notifications - via the same system so no-one who actually needed to know could find out......
- Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
- Apple winks at parents: C'mon, get your kid a tweaked Macbook Pro
- SOULLESS machine-intelligence ROBOT cars to hit Blighty in 2015
- China in MONOPOLY PROBE into Microsoft: Do not pass GO, do not collect 200 yuan
- BuzzGasm! Thirteen Astonishing True Facts You Never Knew About SCREWS