Viewed as the Bible of virus and malware information, theNational Vulnerability Database's (NVD) website of the NationalInstitute of Standards and Technology (NIST) was taken down onMarch 8 following the discovery of malware on two of itsservers.
Finnish security researcher Kim Halavakosk asked the NIST, viaemail, for an explanation as to why the database has goneoffline.
NIST spokeswoman Gail Porter replied that the site was offlinebecause “a NIST firewall detected suspicious activity and tooksteps to block unusual traffic from reaching the Internet,”Halavakosk said in a post to his Google+ account.
The malware that caused the shutdown took advantage ofvulnerabilities in Adobe ColdFusion to infiltrate the NDV, theRegister reports. Both servers were compromised for at least twomonths before a firewall detected them. A patch is now availablefrom Adobe to fix the issue.
Porter elaborated on the investigation, saying, “currentlythere is no evidence that NVD or any other NIST public pagescontained or were used to deliver malware to users of these NISTWeb sites,” assuring Halavakosk that the servers would be backonline as soon as possible, though she gave no specifictimeframe.
The threat of hacker attacks on US industrial and governmentinfrastructure has become a growing problem in recent months.
On Monday, White House national security adviser Tom Donilonimplored Chinese officials to stop hackers within their bordersfrom engaging in industrial espionage by breaking into Americancomputer systems.
Washington’s reaction follows a threat assessment study byAmerican computer security firm Mandiant, which concluded that anelite military group of Chinese hackers – the People's LiberationArmy Unit 61398 – has been engaged in ferocious cyber-espionageagainst the US. In the last seven years, it has allegedly hacked141 companies across 20 major industries, including those vital tonational security.
The Mandiant probe comes alongside revelations by dozens ofAmerican companies into illegal breaches of their servers. Facebookand Apple said hackers bypassed their systems while The New YorkTimes and the Wall Street Journal hinted that Beijing had accessedtheir networks to keep tabs on journalists writing aboutChina.
No comments:
Post a Comment