Santa Fe city government computers knocked out by worm
The US is still losing relatively major city government computer networks due to the Nachi/Welchia worm. Sante Fe city government's entire computer network was knocked offline on Friday by the Nachi worm. City employees could not access e-mail or work with their computers all day Friday, and the Santa Fe Public Library was not able to access the Internet. Officials say the worm infected the system when an employee downloaded music on a city computer. The article says the worm was able to infect the city computer system by first disabling the system's virus detection system. Both statements would be notable because known versions of Nachi/Welchia don't spread that way. http://kobtv.com/index.cfm?viewer=storyviewer&id=6232&cat=HOME No explaination why Sante Fe officials had not patched the city's computers in the three months since Microsoft announced the vulnerability and released the software updates. Nor why Sante Fe didn't have up to date anti-virus programs running on its computers.
In message <Pine.GSO.4.44.0311160612490.5893-100000@clifden.donelan.com>, Sean Donelan writes:
The US is still losing relatively major city government computer networks due to the Nachi/Welchia worm.
Sante Fe city government's entire computer network was knocked offline on Friday by the Nachi worm. City employees could not access e-mail or work with their computers all day Friday, and the Santa Fe Public Library was not able to access the Internet.
Officials say the worm infected the system when an employee downloaded music on a city computer. The article says the worm was able to infect the city computer system by first disabling the system's virus detection system. Both statements would be notable because known versions of Nachi/Welchia don't spread that way.
http://kobtv.com/index.cfm?viewer=storyviewer&id=6232&cat=HOME
No explaination why Sante Fe officials had not patched the city's computers in the three months since Microsoft announced the vulnerability and released the software updates. Nor why Sante Fe didn't have up to date anti-virus programs running on its computers.
I draw a different conclusion from the article: the channel from the techs who worked on it to the reporter was lossy... As you note, Nachi/ Welchia aren't spread by music downloads, nor do they disable AV software. I suspect that a Trojan'ed file-sharing program is more likely the culprit. --Steve Bellovin, http://www.research.att.com/~smb
participants (2)
-
Sean Donelan
-
Steven M. Bellovin