US Labor Dept website serving malware to innocent visitors
No one's innocent.
The US Department of Labor's website has been hacked and malicious code stuck behind the scenes, security tools firm AlienVault says. Since yesterday, the DoL site has been serving out malicious code that installs malware on unsuspecting users' computers, AlienVault's labs director Jaime Blasco told The Register. The DoL said …
Gee I wonder if they went after the Labor Dept because they are not big on labor laws at all (one man's school is another man's Chinese government owned fireworks factory). Somebody forgot to tell them we are now backsliding and well on our way back to child labor for the poor as well (what was that Newt and other GOP twits said on the issue?).
How about just blocking all forms of webmail?
Ok, it doesn't stop idiots from using remote access from home machines to compromise your servers, but there usually isn't a business case for allowing any webmail on corporate networks and there are business reasons for blocking it (IP theft etc)
(Unless your corporate email is provided by one of these webmail services, in which case, $deity help you!)
As an advocate for the workers and their survivors who became ill from working at the nuclear weapons facilities, I am dismayed and concerned about this incident. Originally, only DOL claims examiners had access to this database. They used the information to decide whether or not a toxic exposure was responsible for an illness. The advocates fought hard to get this database in the public domain so that the claimants would have the right to challenge any incorrect information. Before the database was made public, the advocates felt that the claimants due process rights were being violated. Now, because of this hack, we are back to square one. Shame on the hackers! We have no idea if DOL will be able to fix this. Or even if they would want to. We have no idea if the claimants will be able to find the evidence they need to prove their claim.
@tbarie, the US Government requires, by law, all data be backed up.
So, the worst case is, data may be lost from whenever the server was infiltrated to complete data restoration.
That said, such backup needs funding. One organization I worked for had a "red headed stepchild" budget and we had to backup servers to other servers and zip funding for central log administration.
But, if they can't fix the problem, the lot of them need to be released to find jobs as cab drivers and competent personnel be hired.
And yes, I'm familiar with your advocacy group. It has helped a lot of people over the years and I hope it continues to advocate for those injured during our hasty rush to things nuclear before we fully understood the issues around the various programs.
This post has been deleted by its author
Be nice to say a little bit about what platform the site is running on if we're talking about a vuln which presumably we are.
@Eadon - for pity's sake, I thought we all knew many attacks appear to come from China because of the abundance of insecure machines out there. The "hackers" can be anywhere, and are more than likely right here or in the US or Germany.