Forwarded from: matthew patton <pattonme@private>

oh this is choice and has several mistakes. see in-line.

--- InfoSec News <isn@private> wrote:
> http://www.signonsandiego.com/news/nation/20030923-1844-state-computervirus.html
>
> WASHINGTON - The State Department's electronic system for checking
> every visa applicant for terrorist or criminal history failed
> worldwide late Tuesday because of a computer virus, leaving the U.S.
> government unable to issue visas.
>
> The virus crippled the department's Consular Lookout and Support
> System, known as CLASS, which contains more than 12.8 million records
> from the FBI, State Department and U.S. immigration, drug-enforcement
> and intelligence agencies. Among the names are those of at least
> 78,000 suspected terrorists.

CLASS runs on a mainframe. Excuse me but what virus released recently infects a mainframe? And they've got at least 2 of them. One here in DC and the other in the mountains of WVa.

infected the end-user terminals I would definitely concede since those are windoze PCs running various home-grown applications to access said database. And desktop security was quite pathetic.

> In an internal message sent late Tuesday to embassies and consular
> offices worldwide, officials cautioned that "CLASS is down due to a
> virus found in the system." There was no backup system immediately
> available, and officials could not predict how long the outage might
> last.

Say what? BNS (Backup Name Service) has been deployed nearly world-wide by now I should think. I "left" the project last September and they were doing installs at 3 critical regional centers back then with an aggressive roll-out schedule. Even accounting for slips in software delivery all of the processing is done essentially in batch mode so the claim to not be able to check names is questionable. Bigger delays, sure.

The BNS distributed database is synced multiple times a day with the mainframe and we even had means of updating all regional data-sources should connectivity be problematic.

> Such an outage would represent the most serious disruption in years
> to U.S. government computers from an Internet infection.

I hardly believe that. But then again as the sole security engineer for BNS assigned naturally WAY late in the game, coupled with DoS' legendary disregard for security measures and penchant to do their own thing (they have their own notion of system accreditation), computer security was more of a wave of the hand than of any real substance. My strident insistence on even a modicum of security engineering given the critical nature of the system, its tangible value to miscreants, and hostile operating environment became a political football because sysadmins, database admins, and programmers had apparently never had their bluff called before. Embarrassing questions raised in government circles have an uncanny way of getting the questioner removed to predictable effect.

> Every visa applicant is checked against the names in the CLASS
> database. The State Department's automated systems are designed not
> even to print a visa until such a check is completed.

I'm not sure I'd put much faith in that description. It's largely the call of the consular agent to determine if the computer-proposed matches are indeed worthy of consideration. I'm no expert on all facets of CLASS software, however.

Seems the author likes to repeat the numbers of persons held in the database. There is another category which amounts to VIPs who get expedited treatment be they visiting sports competitors, heads of state and their staffs, or foreign political campaign donors, etc.

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Sep 25 2003 - 04:41:19 PDT