We’ve told you this before and we’re saying it again. Nobody’s safe.
A hacker managed to compromise a California county Web site to redirect visitors to some porn site. The LA Times and Network World report that the corrective procedures did not turn out so great; a personnel from a segment of the U.S. General Services Administration in Washington, who oversees the .gov domain, accidentally wiped out the entire ca.gov domain in response. This was not the intention, of course. However, its effects grew more massive as night drew near. Employees were unable to access certain Web sites, and worse, to exchange email messages. Down time was less than half a day, but the entire thing prompted a talk between the California and Washington IT teams regarding communication plans for changes as big as the foregoing.
Note that the ca.gov domain itself was not compromised, and that it was the corrective action that caused the entire thing to go down. Still, this should wake the authorities up about cleaning the codes residing in .gov domains as they are especially prone to abuse by malware authors looking to plant malicious content. This despite the pervading idea that educational and government institutions, which put up non-financial information on their Web sites, are hardly good targets for malware authors. Although there seems to be no motivation to test their sites for possible exploitation because no actual monetary value is at risk, malware authors are looking at these sites as easy targets, proven months ago by Trend Micro researches who have been able to discover at least two government Web sites abused by an SEO (search engine spam) spammer. The said sites had pages urging viewers to purchase certain pharmaceutical products.
And for us at the security industry, to quote Trend Micro’s Network Architect Paul Ferguson, “We’ve been banging the right drum, for the right reason, for a long time now.” For truly there is no end to the dangers and annoyances — collateral or otherwise — that these hackers can bring.