Government department spreads e-mail virus

A Federal Government network has inadvertently distributed a virus to mailing list subscribers. The virus was sent with the AustLig national mapping newsletter. AusLig is a civilian cartographic and remote sensing division of Geoscience Australia, part of the Federal Department of Industry, Tourism and Resources. A spokesperson for the Minister Ian McFarlane was more forthcoming, confirming that infected files had indeed been sent out by Geoscience Australia with a disgruntled "yep". The spokesperson said Geoscience Australia was "getting legal advice on the situation, and who is accountable, and if there are avenues they can pursue; the service has been moved in-house ... most of the work over there is contracted out." Geoscience Australia The minister's office refused to comment on or reveal whether IT security had been given to an outsourcer or who the outsourcer may be. A "report of sorts" on the incident is expected within a fortnight. According to documentation obtained by Computerworld, the attack occurred between 4pm on November 8 and 5am on November 9, when the plug was pulled on the miscreant machine. AusLig mailing list subscribers were sent an e-mail with the subject header "CSDMS" and an attachment named "README.EXE". Firewall rejection notices describe the malicious code contained in the attachment as the W32/Brid-A (Sophos) virus, more commonly known as the Bride X e-mail worm. A press release on November 18 confirmed the e-mail newsletter suffered from a virus attack: "This virus caused a number of problems both to the service and the transmissions of e-mails, resulting in a number of warning messages being sent many times to some subscribers." Geoscience Australia corporate branch general manager Tony Robinson apologised to subscribers but declined to comment on whether the Defence Signals Directorate (DSD) had been informed in line with government information security incident reporting protocol. Computerworld understands that Geoscience Australia shares satellite imaging information with the Department of Defence's spy satellite unit, the Australian Imagery Organisation (AIO). Symantec's regional manager for security response, David Banes, said there had been no noteworthy increase in Bride X activity recently and patches were available. Umar Goldeli, director of incident response and enterprise security firm Universal Defence, warned that extra care had to be taken with mailing list security. "These incidents often have wide-ranging impacts, as there is always an unspoken but implied level of trust between a mailing list and it's subscribers," he said. "The utmost care should be taken where an organisation handles a large collection of personal information, including e-mail addresses, especially organisations which must diligently adhere to the Privacy Act and the national privacy principles." The launch pad for the attack has been traced to a since terminated IP address hosted by an ISP based in Bombay, India, although more specific detail on who is responsible is typically scant.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Julian Bajkowski

PC World
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?