I post at SearchCommander.com now, and this post was published 18 years 6 months 10 days ago. This industry changes FAST, so blindly following the advice here *may not* be a good idea! If you're at all unsure, feel free to hit me up on Twitter and ask.
Yesterday, it was reported that…
“Oregon Department of Revenue officials thought they were tightly secured against data theft. ”
Then they went on to say that
“an employee from using an office computer to surf porn sites and download a Trojan horse, a hidden spyware program not yet known to intrusion-detection software. The Trojan installed itself Jan. 5 and for the next four months secretly captured and relayed data to the hackers who created it.”
Well I think there’s some liability here on the part of the State of Oregon. This is ridiculous.
First, many companies prevent independant users from having full administrative access for exactly this reason – to prevent casual web surfing, time wasting, and installation of any unauthorized software. Our tax dollars at work.
Second, a spokesman for the Dept of Revenue said “There are so many new sites, we couldn’t keep up with them,” However, if the computer was really protected, then there would have been monitoring software installed. This would give an alert that came up when the offending program was installed. Something like WinPatrol, or the Microsoft Free Anti Spyware program would have detected an unknown sactivity immediately, regardless of how new or undiscovered it was.
Third, if routine maintennance, like spyware and virus scanning were done on a regular weekly or monthly basis as it should be, then there’s no way it could have run undetected for four solid months.
Bottom line, in my opinion, the Oregon Department of Revenue did not take the necessary reasonable precautions to protect our data, and that should be obvious to even the most inexperienced IT professionals.
“I fully agree I’m not sure what kind of network the state itself is running on, but even if they weren’t aware of specific sites, networks running on Windows Server 2003 (and I think 2000) can do a global ban on external sites and then specific sites have to be allowed. That’s how it is where I work with about 400 employees and I would like to think that the Oregon Department of Revenue has at least that capability. Add to this the many inexpensive if not free antivirus/antispyware programs out there and there just isn’t an excuse.
Also in The Oregonian today, Google is opening a datacenter in The Dalles. On top of that, they are hiring Linux Admin’s in the Portland Market on Monster.com.
This is but one more example of the arrogance and ignorance exhibited by not only Oregon’s public employees but by the elected legislators in this state. A deadly combination.