Sasser not a fed harasser

Featured eBooks
Health Tech
Read Now

Next-Generation Computing

Read Now

Space Tech

Read Now
Insights & Reports
Cyber-Informed Engineering for OT Security and AVEVA PI Users
Presented By Carahsoft
Download Now
Revolutionizing Workforce Management for Federal Employees
Presented By Ultimate Kronos Group
Download Now
By Florence Olsen

By Florence Olsen

|

The Sasser worm was a nonevent for federal government offices, officials say.

Related Links

"Linux has its own security holes"

The Sasser worm, which crawled through unpatched computers running Microsoft Corp. Windows this week, was pretty much a nonevent for federal government offices. Or a success story, as the Homeland Security Department's Lawrence Hale said today.

Hale, deputy director of DHS' National Cyber Security Division, said although there were isolated incidents of computer infections, most federal agencies were well protected when unknown assailants released the Sasser worm on the Internet a week ago.

"We've seen isolated incidents but no mission impact," Hale said.

DHS officials issued an alert about the Sasser worm April 13, the same day that Microsoft officials released a critical security patch to protect computers from attack. Hale said the agency's alert was timed to coincide with Microsoft's.

Apparently, most agencies took advantage of the more than two weeks' lead time to apply the patch. Most patching had been completed before attackers released the Sasser worm to exploit a buffer overflow in a portion of the Windows operating system code known as the Windows Local Security Authority Subsystem Service.

The organization that defends Defense Department computer networks monitored the Sasser worm closely. "We've noticed it, followed it and it had minimal effects on DOD systems," said Tim Madden, spokesman for the Joint Task Force-Computer Network Operations (JTF-CNO).

Madden declined to comment on when JTF-CNO first noticed the Sasser worm, when officials started monitoring it and what kind of minimal effects the computer worm caused to military systems. JTF-CNO, based at the Defense Information Systems Agency, falls under control of Strategic Command, one of nine key military commands that manage missile, space and information operations from Offutt Air Force Base, Neb.

At the Department of Veterans Affairs, "much less than a half of one percent of the devices" that could have been affected by the worm were infected, said Bruce Brody, associate deputy assistant secretary for cyber- and information security. "The primary reason is that the patching [with] the Microsoft security patch initiated in April worked," he said.

There were also reports that a handful of House and Senate offices experienced problems early in the week, but the problems were quickly resolved.

-- Frank Tiboni and Sarita Chourey contributed to this article.