“A break-in targeting State Department computers worldwide last summer occurred after a department employee in Asia opened a mysterious e-mail that quietly allowed hackers inside the U.S. government’s network,” Ted Bridis reports for The Associated Press.
Bridis reports, “In the first public account revealing details about the intrusion and the government’s hurried behind-the-scenes response, a senior State Department official described an elaborate ploy by sophisticated international hackers. They used a secret break-in technique that exploited a design flaw in Microsoft software.”
“Consumers using the same software remained vulnerable until months afterward,” Bridis reports. “Donald R. Reid, the senior security coordinator for the Bureau of Diplomatic Security, also confirmed that a limited amount of U.S. government data was stolen by the hackers until tripwires severed all the State Department’s Internet connections throughout eastern Asia. The shut-off left U.S. government offices without Internet access in the tense weeks preceding missile tests by North Korea.”
Bridis reports, “The mysterious State Department e-mail appeared to be legitimate and included a Microsoft Word document with material from a congressional speech related to Asian diplomacy, Reid said. By opening the document, the employee activated hidden software commands establishing what Reid described as backdoor communications with the hackers.”
“The technique exploited a previously unknown design flaw in Microsoft’s Office software, Reid said. State Department officials worked with the Homeland Security Department and even the FBI to urge Microsoft to develop quickly a protective software patch, but the company did not offer the patch until Aug. 8 – roughly eight weeks after the break-in,” Bridis reports. “Microsoft said it works as quickly as possible to provide customers with security updates.”
Full article here.
You’ve got morons in government and then you’ve got the true idiots who choose their software. Note to U.S. gov’t: Microsoft sucks. Sheesh.
To whomever thought up the brilliant idea to utilize Microsoft’s junk that isn’t even fit for Wal-Mart consumers’ use in the State Department: It’s amazing you can even breathe and blink and such, as even involuntary actions require a some brain cells. Is it painful to be so morbidly retarded? Or are you just blissfully unaware of everything and anything 24/7?
If the State Department used Macs instead, none of this would have happened – and that’s a fact.
Related articles (warning may contain some irony):
U.S. National Security Agency works with Apple, Microsoft, others on OS security – January 09, 2007
US Department of Homeland Security’s border screening system was crashed by Windows Zotob worm – November 03, 2006
US Department of Homeland Security: patch Microsoft Windows now or risk complete system compromise – August 10, 2006
Get a Mac: Viruses, spyware cost U.S. consumers $7.8 billion over last two years – August 08, 2006
Symantec details more security holes in Microsoft’s Windows Vista – July 26, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
FBI: Viruses, spyware, other computer-related crimes cost U.S. businesses $67.2 billion per year – February 01, 2006
U.S. Copyright Office: Use only the world’s most insecure browser to secure your copyright – August 17, 2005
Microsoft seeks to create ‘community of governments’ to battle Windows viruses, worms, etc. – February 04, 2005
80,000 UK government computers knocked out in Microsoft Windows crash – November 28, 2004
Axcess Business News: Is the U.S. government ‘too dependent on Microsoft?’ – September 26, 2003
Baltimore Sun columnist suggests adding Mac OS X to mix of government computers for safety – September 17, 2003
US Gov’t warns of Internet attacks after new Windows flaw revealed – September 11, 2003
CCIA wants U.S. Dept. of Homeland Security to reconsider buying ‘insecure Microsoft software’ – August 29, 2003
Apple’s Mac OS X added to U.S. government list of supported platforms – August 28, 2003
U.S. Department of Homeland Security says Windows vulnerable to attack – August 01, 2003
Department of Homeland Security chose Microsoft due to time and money limitations – July 21, 2003
U.S. Department of Homeland Security awards enterprise agreement to Microsoft – July 15, 2003
I blame Microsoft for the war in Iraq. There has to be a connection.
Stright from the pages of Atlas Shrugged
When will Microsoft be held accountable and liable for their shoddy software??? If an auto manufacturer builds a defective car, or an aerospace firm builds a flawed pain that harms individuals or their safety, then the government steps in (as well as the lawyers) and things get fixed. But for some reason, people’s IQs fall into the low teens when it comes to computers and their role in the safety of many, many people.
That’s supposed to be ‘flawed plane,’ not ‘flawed pain.’ Oops.
At some point in the future, we will have a true international incident caused by a Microsoft security flaw. It’s just a matter of when it’s going to happen, not if.
… and most of Homeland Security, the FBI and the White House run on Windows. Do we feel safe now?
Yeah – and no matter which two countries it actually affects, it will still be the fault of M$, and therefore, the US will be brought into it by association.
hey U.S. state department: GET A MAC
TAG: Ha ha
if they don’t get macs, they ought to at least get linux on those PCs. this shouldn’t be a matter of “we want them to switch to mac”, it should be “we want them to keep information SECURE, so we want them to switch to anything that isn’t windows-based”.
let’s send them our old commodore 64’s and apple ii’s. =)
… and most of Homeland Security, the FBI and the White House run on Windows. Do we feel safe now?
Actually the limited top brass in the White House and FBI run Mac OS X.
It’s just the rank and file “sh*tbirds” run ‘Doze and the reason is simple, so they can snoop on them.
Goggle it.
Oh, don’t overreact here. It is not a secret that MS software is buggy, but to be fair if a group of high-skiled hackers wants to break a system, they will. If SD had Macs and someone designed a clever tool they would break in too. Would it be harder? Yes. But they would break in anyways.
“Is it painful to be so morbidly retarded? Or are you just blissfully unaware of everything and anything 24/7?”
Eeeaaaasssssy big fella . . . no need to get upset . . . we’re all your friends here.
(Can someone dial 911, MDN is starting to sound like the nut from VA Tech!!)
Seriously MDN, you’re scaring me a bit. I agree, MS sucks and Apple rocks, but I can almost feel the spittle flying out of your mouth as you type this in a fit of rage. We can be justified about our OS choice, but I think you’re starting to take this all too personally.
The point is, it would be harder. Much harder, and the hole would be much easier to close. You’re arguing the security by obscurity myth, and that’s been disproven many times.
Have you heard about the Linux on iPod malware? Less than a thousand iPods out of the 100+ million sold have had Linux installed on them, and yet it’s the Linux version that gets the malware.
MDN Magic Word: put, as in: Put some thought into what you’re saying.
@In the shelter
Same thoughts here. That was little over the board. Just keep your cool MDN.
1. The Supreme Court puts Bush in the Presidency.
2. Bush orders the DoJ to settle the case with Microsoft for their illegal anti-competitive actions.
3. Microsoft agrees to take the DoJ settlement
4. A few months later the U.S. Government accounces that they are standarizing the entire government on Microsoft Windows
Amazing and Dispicable.
I wish someone out there could find and publish evidence that the Bush administration promised to give Microsoft the entire government account if they in turn would accept the slap on the wrist settlement rather than keep fighting it. Anyone?
I’m still fumming that all that stands between i.d. thevies and our personal information is a Windows-based Server.
“The point is, it would be harder. Much harder, and the hole would be much easier to close. You’re arguing the security by obscurity myth, and that’s been disproven many times.
Have you heard about the Linux on iPod malware? Less than a thousand iPods out of the 100+ million sold have had Linux installed on them, and yet it’s the Linux version that gets the malware.”
Did you even read my post?
“MDN Magic Word: put, as in: Put some thought into what you’re saying.”
I could say the same about you. What security by obscurity has to do with my post? I didn’t say anything about Windows being less secure because of market share, because I don’t believe it either. Do you claim that Mac OS X is a PERFECT OS? Because only then it would be unbreakable.
Yeah – and no matter which two countries it actually affects, it will still be the fault of M$, and therefore, the US will be brought into it by association.
lol u think?
You know….Why can’t these infiltrations go our way. Like all citizens’ tax debts have been wiped for 2007.
Just my $0.02
Who is John Galt????
Nobody suspects North Korea of planting the virus? Even the U.S. government? It probably never occurred to the government, because it’s stupid enough to use Windows.
Magic Word: Class. As in, Windows don’t got any.
@ Greg
You lost me at “1”
“I wish someone out there could find and publish evidence that the Bush administration promised to give Microsoft the entire government account if they in turn would accept the slap on the wrist settlement rather than keep fighting it.”
“find”??? Don’t you mean “invent”? (Tell the truth now)
My fellow Americans, I’m pleased to tell you today that I’ve signed legislation that will outlaw Microsoft forever. We begin bombing in five minutes.
That’s kind of scary that opening a Word document could install a back-door hacking tool on your PC…
I guess the pen IS mightier than the sword, especially if it runs VBA.
No. 1: Hmmm, these shit sandwiches taste funny.
No 2.: Nah, they’re the same shit sandwiches we had yesterday.
No 1: No, really, are you sure?
No 2: Sure, I’m sure. It’s an acquired taste.