InformationWeek – Thousands Of Government Computers Infected By Bots
Thousands of government computers may be under the control of cybercriminals. Software bots—malicious code that turns PCs and servers into remotely controlled “zombies”—have dug into the computers of federal and state agencies, security experts say. Once infected, those computers can be used to distribute spam, launch denial of service attacks, and even direct sensitive information into the wrong hands.
Security vendor Trend Micro, which has been studying the phenomenon and is pushing a service to detect bots, reports finding a bot infestation in government computers. Its list of bot-bitten organizations includes the Department of Defense, the Navy Network Information Center, the Pittsburgh Supercomputing Center, Argonne National Laboratory, and the Navy Regional Data Automation Center. At the state level, its list includes the Alabama Supercomputer Network, Arkansas Department of Information Systems, Iowa Communications Network, and Connecticut’s Department of IT.
Trend Micro planned to disclose its findings this week — ostensibly in the interests of public awareness. But as InformationWeek followed up with organizations cited by Trend Micro, some of the vendor’s conclusions were called into question, owing in part to the complexity of tracking these zombie computers. One national laboratory, for example, was initially identified as having compromised machines, but the lab disputed those findings and subsequent analysis by Trend Micro revealed that the spam in question doesn’t appear to have come from computers that were hosted at the lab. Trend Micro has since postponed its announcement and is double-checking the 60 terabytes of data it used to trace spam to bot-infected computers. [Read more]