Tuesday, October 30, 2018

Civil servant who watched porn at work
 blamed for infecting a US 
government network with malware
CHILE-QUAKES-SAN RAMON-FAULT
A U.S. government network was infected with malware thanks to one employee’s “extensive history” of watching porn on his work computer, investigators have found.
Image result for porn
The audit, carried out by the U.S. Department of the Interior’s inspector general, found that a U.S. Geological Survey (USGS) network at the EROS Center, a satellite imaging facility in South Dakota, was infected after an unnamed employee visited thousands of porn pages that contained malware, which downloaded to his laptop and “exploited the USGS’ network.” Investigators found that many of the porn images were “subsequently saved to an unauthorized USB device and personal Android cell phone,” which was connected to the employee’s government-issued computer.
Investigators found that his Android cell phone “was also infected with malware.”
The findings were made public in a report earlier this month but buried on the U.S. government’s oversight website and went largely unreported.
It’s bad enough in this day and age that a government watchdog has to remind civil servants to not watch porn at work — let alone on their work laptop. The inspector general didn’t say what the employee’s fate was, but ripped into the Department of the Interior’s policies for letting him get that far in the first place.
“We identified two vulnerabilities in the USGS’ IT security posture: web-site access and open USB ports,” the report said.
There is a (slightly) bright side. The EROS Center, which monitors and archives images of the planet’s land surface, doesn’t operate any classified networks, a spokesperson for Interior’s inspector general told TechCrunch in an email, ruling out any significant harm to national security. But the spokesperson wouldn’t say what kind of malware used — only that, “the malware helps enable data exfiltration and is also associated with ransomware attacks.”
Investigators recommended that USGS enforce a “strong blacklist policy” of known unauthorized websites and “regularly monitor employee web usage history.”
The report also said the agency should lock down its USB drive policy, restricting employees from using removable media on government devices, but it’s not known if the recommendations have yet gone into place. USGS did not return a request for comment.Of course not!

One has to wonder if that false Nuclear Attack 
warning in Hawaii last year had a similar origin?
Imagine instead of monitoring important data 
these Guys are beatin their meat on Govt. time.
Hope nobody had to share their keyboard!
.

No comments:

Post a Comment