Government department spreads e-mail virus

A Federal Government network has inadvertently distributed a virus to mailing list subscribers. The virus was sent with the AustLig national mapping newsletter. AusLig is a civilian cartographic and remote sensing division of Geoscience Australia, part of the Federal Department of Industry, Tourism and Resources. A spokesperson for the Minister Ian McFarlane was more forthcoming, confirming that infected files had indeed been sent out by Geoscience Australia with a disgruntled "yep". The spokesperson said Geoscience Australia was "getting legal advice on the situation, and who is accountable, and if there are avenues they can pursue; the service has been moved in-house ... most of the work over there is contracted out." Geoscience Australia The minister's office refused to comment on or reveal whether IT security had been given to an outsourcer or who the outsourcer may be. A "report of sorts" on the incident is expected within a fortnight. According to documentation obtained by Computerworld, the attack occurred between 4pm on November 8 and 5am on November 9, when the plug was pulled on the miscreant machine. AusLig mailing list subscribers were sent an e-mail with the subject header "CSDMS" and an attachment named "README.EXE". Firewall rejection notices describe the malicious code contained in the attachment as the W32/Brid-A (Sophos) virus, more commonly known as the Bride X e-mail worm. A press release on November 18 confirmed the e-mail newsletter suffered from a virus attack: "This virus caused a number of problems both to the service and the transmissions of e-mails, resulting in a number of warning messages being sent many times to some subscribers." Geoscience Australia corporate branch general manager Tony Robinson apologised to subscribers but declined to comment on whether the Defence Signals Directorate (DSD) had been informed in line with government information security incident reporting protocol. Computerworld understands that Geoscience Australia shares satellite imaging information with the Department of Defence's spy satellite unit, the Australian Imagery Organisation (AIO). Symantec's regional manager for security response, David Banes, said there had been no noteworthy increase in Bride X activity recently and patches were available. Umar Goldeli, director of incident response and enterprise security firm Universal Defence, warned that extra care had to be taken with mailing list security. "These incidents often have wide-ranging impacts, as there is always an unspoken but implied level of trust between a mailing list and it's subscribers," he said. "The utmost care should be taken where an organisation handles a large collection of personal information, including e-mail addresses, especially organisations which must diligently adhere to the Privacy Act and the national privacy principles." The launch pad for the attack has been traced to a since terminated IP address hosted by an ISP based in Bombay, India, although more specific detail on who is responsible is typically scant.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Julian Bajkowski

PC World
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?