Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Federal Employee Visits 9000 Sex Sites, Infects Network with Russian Malware

November 5, 2018

So how did this guy do any actual work? As reported on Bitdefender’s Hot for Security blog, an investigation into “suspicious internet traffic” conducted by the Office of Inspector General at the US Geological Survey’s Earth Resources Observation and Science (EROS) Center satellite imaging facility in Sioux Falls, SD, revealed an employee had used US government internet infrastructure to access some 9,000 adult websites.

Some of the websites redirected to Russian pages infected with malware, compromising the agency’s computer system as the malware spread across the entire network, according to a Management Advisory report to USGS from Matthew T. Elliott, Assistant Inspector General for Investigations. Digital forensics found the employee downloaded images onto a USB device and a personal smart phone, then connected the compromised devices to his work computer.

Two vulnerabilities were identified in the system’s security that involved website access and open USB ports. To prevent such problems in the future, the US Department of the Interior made a number of recommendations, including employee training and blocking illegal activities on government networks, particularly adult content, and prohibiting the use of USBs.

“We recommend that the USGS enforce a strong blacklist policy of known rogue Uniform Resource Locators (more commonly known as web addresses) or domains and regularly monitor employee web usage history,” Elliott said. “Since this incident, the EROS Center has deployed enhanced intrusion detection systems and firewall technology to assist in the prevention and detection of rogue websites trying to communicate with Government systems.”

The training recommendation made me laugh. We've run across employees like this before and no amount of training deters them. The other recommendations should have been implemented a long time ago.

Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
https://www.senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson