The director of the US Pentagon's Missile Defense Agency (MDA) has chided employees and contractors for using government computers to surf porn.
The MDA, an agency of 8,000 employees, develops, fields, and upgrades the country's ground-and sea-based missile defense programs.
On July 27, Executive Director John James Jr. sent out a memo citing instances of workers accessing x-rated sites as well as emailing explicit images—usage that exposes the network to malware or malicious code.
Bloomberg News quotes the memo:
These actions are not only unprofessional, they reflect time taken away from designated duties, are in clear violation of federal and [Department of Defense] regulations, consume network resources and can compromise the security of the network though the introduction of malware or malicious code.
In the one-page memo, James wrote that in recent months government employees and contractors were detected engaging in inappropriate use of the MDA network.
MDA spokesman Rick Lehner told Bloomberg News that "less than a half-dozen" of the agency's 8,000 employees had been caught accessing restricted sites or downloading inappropriate materials, caught by what he called a "highly advanced monitoring system to detect intrusions, access to inappropriate websites, viruses and malware downloads."
There was "never any compromise" of the network, Lehner said, given that the monitoring system "worked as designed."
James wrote that those found breaking the rules would face disciplinary action, which could include suspension and removal from federal service or MDA-sponsored contracts, given that they'd put their security clearances in jeopardy.
News outlets such as Wired are dubbing it the latest skirmish in an ongoing war on porn at the Pentagon.
More to the point, porn has been used to deliver malware payloads.
But so are lots of things: for example, removable storage devices.
One example was the case of keyloggers found on USB drives left in public libraries.
And as Sophos found when researchers bought 50 drives at a public auction, USB drives had a 66% chance of being infected with malware.
And so, too, at the other end of the surfing/morality spectrum, are religious sites notorious for inflicting malware payloads.
The MDA is far from the only organisation that has to deal with bored people and the potentially security-compromising shenanigans they can get up to on a network, be it surfing porn or religious sites.
Experts on PLC/SCADA systems used in US prisons told the audience at theSOURCE:Boston security conference in the spring about walking into the heart of networking control rooms in correctional facilities, only to find employees whiling away their time surfing Facebook from these highly sensitive industrial control systems.
Porn surfers might be wise to keep this past-time to the privacy of their own networks. Like all internet users, they should employ basic computer security precautions, such as:
- Using different passwords for every site,
- Using strong passwords [video], and
- Changing passwords after a site's been breached,
- Vetting the security history of a given site.
Intercepting incoming missiles may be a sleepy, uneventful role for MDA workers. Perhaps it's flat-out boring.
But if keeping the nation's missile defense network clean of malware isn't enough incentive to avoid salacious surfing, perhaps the prospect of getting fired might be.
After all, James didn't mince words: MDA workers, they're watching you. Source-NakedSecurity
by on August 6, 2012
No comments:
Post a Comment