Malware 'knocked out' US government agency network

The US Marshals Service network in the middle of the week was 'knocked out' completely after suddenly being attacked by malicious code .

The agency's public relations department yesterday officially confirmed the incident. The Washington government has called on the US to specifically inform the incident to the Agency for quick response to emergency computer situations (US-CERT). CERT does not currently provide any information about the incident mentioned above.

Unknown scale

It is not clear whether the attack has affected a small part or the entire network of the US Marshals Service. In addition, the completely deadly network of US Marshals Serivce on May 21 was malicious or because the agency actively disconnected the network to help clean the entire system.

The malicious code is believed to have hosted the attack on the Neeris computer worm - an ancient worm but has recently been upgraded to include features similar to the extremely dangerous computer worm Conficker is raging. online now.

It is not yet clear whether this attack of computer worms can spread and attack all over the US Department of Justice network or other agencies directly under the ministry by most of their networks. The agency is connected.

The official website of US Marshals Service returns to normal operations on May 21. However, the public relations department also confirmed that at that time the email system was still "standing dead". The staff cannot receive any e-mail.

The technology staff of US Marshals had to make emergency contacts with their partners through the free Gmail service.

Consider security

US Marshals Serivce is also equipped with malicious software for each PC but unfortunately this software has not been updated for more than 3 years. The agency itself has paid no less for updating to the new version capable of fighting the Neeris computer worm.

Song did not understand why but still not updated. Not only that the internal systems of the US Marshals Service have not yet been installed with full bug fixes - including the bug fixes of the Neeris worm code to attack the PC - released by Microsoft in 2006.

From this situation we see that the US Marshals Service network attack is possible at any time and it is true that it happened.

Trend Micro is also tight-lipped

Neeris as well as variants of this computer worm are able to spread through many different paths such as sharing via network or removable storage or software security flaws on the server that will allow them to have can quickly spread in either network or spread through the built-in instant messaging application built into Windows.

Trend Micro assesses the level of Neeris's danger at 'low' but the risk can cause unforeseen 'high' losses.

Michael Sweeny - Trend Micro's global public relations manager - said US Marshals Service contacted his company the night of the incident and asked for corrective assistance.

But Mr. Sweeny refused to disclose the details of what the problem was and also said he did not hear any information claiming Neeris was the culprit of the attack.

However, the statistics of Trend Micro's release of Neeris worm on the day of the incident showed an increase from 0 to 700 PCs infected with Neeris. One day later, this number continued to increase by 100 new PCs. This number is statistically attributed to a Trend Micro automated tool.

Trend Micro was dragged into the problem by malware security software used by US Marshal as Trend Micro's software. Software named OfficeScan. The version that this agency uses is version 5.0, which is up to 3 years old. The latest version is 10.

Mr. Sweeny said: ' That version is too outdated and out of date. Its life has long been over. We have added the Neeris worm protection in version 8 '.

Trend Micro does not currently provide any information about the problem that occurred with the US Marshals Service.