Government department spreads e-mail virus

A Federal Government network has inadvertently distributed a virus to mailing list subscribers. The virus was sent with the AustLig national mapping newsletter. AusLig is a civilian cartographic and remote sensing division of Geoscience Australia, part of the Federal Department of Industry, Tourism and Resources. A spokesperson for the Minister Ian McFarlane was more forthcoming, confirming that infected files had indeed been sent out by Geoscience Australia with a disgruntled "yep". The spokesperson said Geoscience Australia was "getting legal advice on the situation, and who is accountable, and if there are avenues they can pursue; the service has been moved in-house ... most of the work over there is contracted out." Geoscience Australia The minister's office refused to comment on or reveal whether IT security had been given to an outsourcer or who the outsourcer may be. A "report of sorts" on the incident is expected within a fortnight. According to documentation obtained by Computerworld, the attack occurred between 4pm on November 8 and 5am on November 9, when the plug was pulled on the miscreant machine. AusLig mailing list subscribers were sent an e-mail with the subject header "CSDMS" and an attachment named "README.EXE". Firewall rejection notices describe the malicious code contained in the attachment as the W32/Brid-A (Sophos) virus, more commonly known as the Bride X e-mail worm. A press release on November 18 confirmed the e-mail newsletter suffered from a virus attack: "This virus caused a number of problems both to the service and the transmissions of e-mails, resulting in a number of warning messages being sent many times to some subscribers." Geoscience Australia corporate branch general manager Tony Robinson apologised to subscribers but declined to comment on whether the Defence Signals Directorate (DSD) had been informed in line with government information security incident reporting protocol. Computerworld understands that Geoscience Australia shares satellite imaging information with the Department of Defence's spy satellite unit, the Australian Imagery Organisation (AIO). Symantec's regional manager for security response, David Banes, said there had been no noteworthy increase in Bride X activity recently and patches were available. Umar Goldeli, director of incident response and enterprise security firm Universal Defence, warned that extra care had to be taken with mailing list security. "These incidents often have wide-ranging impacts, as there is always an unspoken but implied level of trust between a mailing list and it's subscribers," he said. "The utmost care should be taken where an organisation handles a large collection of personal information, including e-mail addresses, especially organisations which must diligently adhere to the Privacy Act and the national privacy principles." The launch pad for the attack has been traced to a since terminated IP address hosted by an ISP based in Bombay, India, although more specific detail on who is responsible is typically scant.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Julian Bajkowski

PC World
Show Comments


James Cook University - Master of Data Science Online Course

Learn more >


Victorinox Werks Professional Executive 17 Laptop Case

Learn more >



Back To Business Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?