Matt Hines
CNET News.com
September 25, 2003, 08:50 BST
An attack of the Welchia worm led the US Department of State to shut down its system for filtering visa applications in search of potential terrorists.
A computer virus has hit the US Department of State, affecting the performance of the government's information technology system that manages visa approvals, according to reports.
The virus shut down the State Department's Consular Lookout and Support System (Class) on Tuesday, according to published reports from Reuters and the Associated Press. A State Department representative CNET News.com reached on Wednesday would not confirm that the system had crashed but indicated that IT personnel were working on a problem.
Late on Wednesday, the State Department provided more details of the incident. According to spokeswoman Joanne Moore, at 4:30 a.m. on Tuesday morning, the department's IT workers discovered the Welchia worm on an "unclassified open network" area of the Class system and began taking measures to contain the attack.
At that time, the State Department sent a message to employees around the world warning them that Class was being temporarily shut down in order to prevent Welchia from spreading. However, Moore indicated that the virus never truly infiltrated Class.
"At no time did the virus infect or corrupt the (Class) system," Moore said. "Due to the fast-spreading virus activity, the department was forced to quarantine all international communications."
Welchia and the related MSBlast virus target openings in Microsoft's Windows operating system and have been linked to a number of government computer failures. A new report from the Computer and Communications Industry Association asserts that reliance on a single technology such as Windows for an overwhelming majority of computer systems threatens the security of the US economy and critical infrastructures.
Class has been identified as one of the tools the US government is leaning on to help stem the flow of terrorists and other criminals entering the United States. According to the State Department, Class has been improved over the past two years and can now access more detailed information banks to scrutinise the eligibility of potential visa applicants.
In a letter sent to Congress earlier this year, President Bush said Class contains about 13 million name records, which increases the State Department's ability to recognise individuals who might be a threat to national safety.
"Class now has over 78,000 records of suspected terrorists, up 40 percent in the past year," Bush wrote in his letter. "This will allow federal, state and local entities to share information nationwide that will ultimately contribute to securing our borders and protecting our nation."
One security expert said a Class shutdown could be a short-term black eye for the State Department, but he pointed out that MSBlast similarly caught many corporations that have huge IT security budgets off-guard. Pete Lindstrom, an analyst with Spire Security, said while it may be disturbing to see that the US visa-approval system is vulnerable, "everyone slips up."
"What this situation highlights is the need for companies and governments to move security from the perimeter level to a layered level, something we've been talking about within the industry for years," Lindstrom said.
He said the current antivirus strategy, typically implemented at the firewall, works acceptably against the known threat of email viruses but can't prevent worms such as MSBlast from spreading. By installing security tools throughout different layers of IT rather than just at a system's perimeters, organisations could increase their protection levels, he said.
In regard to Microsoft and potential weaknesses in Windows, Lindstrom said it's too easy to blame a vendor for security breaches.
"The truth is that there is sufficient technology out there right now to protect organisations from almost any threat out there," he said. "It's mostly in how you use it."