California gov site invaded by smut and malware again Raising troubling questions about the security of America's government websites, more domains ending in .gov have been found hosting links that push porn and malware. They include the Marin County Transportation Authority, which has has watched its site get hacked at least twice before. In early October the domain forced the …
..the pages are still there! If anyone fancies getting malwared by the US government just google for "sex", "porn" and site:usaid.gov" and follow the links to the halfwitted organisation's pages. I found http://tanzania.usaid.gov/admin/menus/_builder/files/images/.../01/830.html to be particularly enjoyable.
Thank you Reg ;-)
2 different hosts, 2 more or less identical attacks? sounds more like there is a vulnerability in the CMS....
probably a simple SQL injection at the root of it all, but that would be to easy/honest for politicians to admit the system is borked, far better to blaim somone smaller than the govt.
As if I'd do a nasty thing like that!
The link came from none other than the hallowed verbage of El Reg. My point was that the afore mentioned receptacle of wisdom has seen fit to declare that evidence of the hacks "are easily documented by these two Google searches", and then went on to hotlink to Google results which include the one I posted - all still very much alive and dangerous. El Reg goes on to say that the link is "safe to click if you don't mind "porn" in your url". Presumably having your poor Micro$oft infested machinery eaten alive if you follow the links isn't cause for concern?
Follow the two Google links in this part of the article too see what I mean:
The infections of the gov sites, which are easily documented by these two Google searches (safe to click if you don't mind "porn" in your url), appear to be yet another attempt to boost the rankings of the malicious sites.
Dan Goodin must have been distracted by the saucy vids of Paris Hilton which he keeps on his iPhone to publish a beautifully crafted elephant trap like that... or was it on purpose? ...is he the criminal mastermind behind the whole fiasco? Heck, where's the tinfoil?
AC2: Calm down. There is no harm in clicking on the links in the Reg story. They simply take you to a Google page and run a search that shows links to the infected pages. Heck, even clicking on the search results themselves doesn't install malware so long as you don't click yes to popups that ask if they can install software on your machine.
Just to make things extra clear, I've updated the story to say "safe to click if you don't mind "porn" in your url, but you probably shouldn't click on any of search results."
"the executive director of the agency apologized for the problem"
<yawn>
Another public-titty-sucker who isn't willing to take responsibility. Betcha she's quick to take credit for Good Things that happen under her direction, however.
Is anyone else getting tired of these empty apologies? It's time for managers, govt ministers, etc to start admittng responsibility and do the right thing: fall on their swords.
One wonders if the governing body of the Marin transport agency will dock the executive director significant pay and perks for having done the job poorly. Probably not. It's time to start saying "no excuse, security is a known issue and under your direction we had an insecure system."
Time to stop outsourcing key government functionality - and these days, having a public website is key. Plunk down some cash for a couple of machines, cluster them and run them in-house. Kick those damn web hosting companies - bloody extortion what they are after to simply host a domain name.
@Paul Murray.
Surely you are not suggesting that the same public bureaucracies that brought us the California Dept. of Motor Vehicles computer upgrade fiasco in the early 1990s be responsible for hosting their own websites. These idiots spent more than US$44 million on a system that was never built and would have been obsolete before it was finished. (San Francisco Chronicle, February 2, 1997)
We can't afford that sort of efficiency in our Gov't IT departments.
When a Government site (any Government, not just the US) is hijacked in this manner, the obvious - and appropriate, and measured - response is to launch a major, deliberate denial of service attack on the site(s) in the link(s). Governments have the power (and the legal right - I won't talk about ethics nor morals, since no Government has ever had more than a nodding acquaintance with either of those) to defend themselves against attack, and this is certainly an attack.
Furthermore, if the Government in question wants to permanently discourage such attacks, competent IT security blokes (and/or blokesses) should be immediately put on the trail of the ultimate beneficiaries of the hijackings, and once located, their assets and persons seized. Let's put Gitmo to some "good" use for once!
But that will never happen, because, as is all too obvious, competent IT people avoid Government jobs like chavs avoid work.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
