FBI May Shut Down Your Internet Access March 8th.(AP).This March 8th, the FBI is planning to unplug DNS servers it set up to help eliminate malware from over half of Fortune 500 companies and government agencies still infected in early 2012.The change could potentially leave a great number of Internet users without access to the Web.
InfoWorld reports: ...the feds replaced the criminals' servers with clean ones that would push along traffic to its intended destination. Without the surrogate servers in place, infected PCs would have continued trying to send requests to aim at the now-unplugged rogue servers, resulting in DNS errors.
The malware, called DNSChanger Trojan, is said to illegally redirect traffic and prevent users from accessing the updates necessary to remove it. Without access to these critical patches, these large companies, government agencies, and home users are said to be more susceptible to hackers.
This prompted InfoWorld to wonder: This fact does raise the question of why so many Fortune 500 companies and government agencies have failed to notice they have a problem, as they presumably have IT security professionals on staff who should be monitoring such incidents.Those computers still infected with the Trojan will not be able to access the Internet after the FBI shuts down their temporary servers.The feds received a court order in November, 2011 to replace the "rogue" servers with surrogate servers to operate "just long enough for companies and home users to remove DNSChanger malware from their machines."
Rod Rasmussen, president of Internet security company Internet ID, told Krebs on Security that there are still millions of PCs infected with DNSChanger. “At this rate, a lot of users are going to see their Internet break on March 8.”A working group advising the FBI is said to be considering requesting an extension of the court order to give more time to users of infected machines to remove the malware.
Although this may indeed be a very real problem that Internet users must be vigilant to protect themselves from, depending on the government to provide servers when their own agencies are infected doesn't seem like a trustworthy solution. Additionally, a previous private-government working group put together in 2009 to combat the Conficker Worm has accomplished very little as 3 million computers are still said to be infected.
These viruses are called Trojans because they are disguised as something friendly, enter computers, and then install malicious software. Someone with a healthy distrust of the government may see the FBI's warning that millions will be cut off from the Internet as a Trojan Horse itself so that they may retain control over the new servers.After all, if the FBI is controlling the "legitimate" servers, wouldn't they have access to all the traffic information of individual users and large corporations?
To ensure your computer is not infected please follow the instructions here. And follow Krebs on Security for news updates pertaining to this story.Read the full story here.
Related? Flashback 08 Feb, MFS- The Other News:
Bill would give DHS broader control of cybersecurity, follows corporate-sponsored MIT study recommendations.(AP).By Madison Ruppert.In December of last year I covered a study conducted by MIT with the help of “advisers” from the exact corporations which would benefit from the implementation of the recommendations of the report, and now it appears that these ideas have made their way all the way to Capitol Hill.This bill, which is reportedly currently before Congress, would give the Department of Homeland Security (DHS) significantly more monitoring power of the cybersecurity practices of private industries and services which are supposedly part of the United States’ critical infrastructure.The details of the bill have yet to be released, and I have not even been able to track down a number for the legislation yet so I can actually read it (if anyone can help me out with this I would be quite grateful).The small portions of the bill which have been made public attempt to define which companies are covered by the bill, although it is hardly as precise as one might like.Furthermore, I find it laughable that any legislation is allowed to be kept from the public at all, although given that our current government refuses to even justify why they think they are able to murder Americans without charge or trial, this is hardly unusual.The companies which will be affected by the bill have systems “whose disruption could result in the interruption of life-sustaining services, catastrophic economic damage or severe degradation of national security capabilities.”As I’m sure you can tell, this leaves a lot of wiggle room, something which legislators and bureaucrats love because it allows them to exploit the legislation as much as possible without technically violating it.A recent article in the Washington Post claims that the bill is just going to allow DHS to inspect the computer systems and networks which fall under this jurisdiction in order to determine if they are sufficiently secured against cybersecurity threats.I’m not sure if DHS and our so-called Representatives are aware, but our own deadly drone fleets are infected with malware. Maybe they should worry about securing the most critical of government systems before beginning to impose themselves on private industries.If they can’t even manage to secure unmanned aerial vehicles or Pentagon networks, who in their right mind would trust them to tell private industries what to do when it comes to securing their networks?This bill would allow the DHS to actually require companies to upgrade their systems and improve security if they decide they do not meet their arbitrary standards.Read the full story here.
No comments:
Post a Comment