E-mail virus targets Sasebo's DOD computers
SASEBO NAVAL BASE, Japan — An e-mail wriggling through Defense Department e-mail accounts last week that appeared as official correspondence from Navy flag officers is fake and could let outsiders gain control of users’ computers, system technicians said Monday.
The fake message’s tipoff is that the e-mail address uses a different naming convention than the military branches and the Pentagon.
“I get these notices about malicious activity on the Internet and in e-mail all the time …” said Morton Wear, Sasebo’s director of Internet technology operations. “But this one has a little greater interest because of the connection to the recent London terrorist attacks and the name next to the ‘from’ field: a Navy flag officer.
“The e-mails contain unconfirmed information blaming the bombings on Russians,” he added.
As interesting as the e-mail might seem, Wear said, it can lead to “seriously damaged computers” if a recipient clicks a link in the e-mail.
The URL (webhost.7u7.net) supposedly “provides additional information” about the London attacks. However, if a reader clicks that URL, coding automatically uploads an “aggressive, vicious worm attack on the reader’s computer,” Wear said.
“The worm’s author can then control everything … sometimes files just start disappearing … they can control passwords, credit card numbers, checking numbers and it even hijacks your address book and replicates itself,” he added.
Wear said the Naval Computer Incident Response Team, or NAVCIRT, advises protective measures such as blocking the URL and updating your anti-virus software at once. (See sidebar.)
Using anti-virus software at home can stop problems before they reach work, according to Air Force 2nd Lt. William Genda, anti-virus team chief for the Pentagon’s computer emergency response team.
“These days, computers can catch viruses from Microsoft Outlook, Web access or even home computer access,” stated Genda in a recent Navy news report. “With everyone exchanging files between home and work, the potential is there that someone could inadvertently bring an infected file to a government network.”
Wear said anyone associated with Sasebo Naval Base could acquire free, up-to-date anti-virus software that includes all upcoming updates.
“All they have to do is bring a blank CD-R with them to our office (Building 200) and we’ll copy the executable files for them,” Wear said. “Then all they have to do is complete a simple installation.”
Call Wear at DSN 252-2727 for more information.
Tips for protecting your computer
Morton Wear, Sasebo’s director of Internet technology operations, said the Naval Computer Incident Response Team, or NAVCIRT, advises protective measures be taken at once:
Instruct recipients not to reply to the e-mail or click on the attached URL.On the exchange server, block e-mails with the subject line: “London’s bombing maybe by Russian!”Block the URL at webhost.7u7.net; block the following IP addresses: 184.108.40.206 and 220.127.116.11.Ensure all anti-virus definitions are up to date and scan the system for any malicious files, viruses or Trojan horses, which are malicious programs disguised as legitimate software.If malicious code is detected, contact your anti-virus vendor.Configure the systems for optimum security.To add an extra layer of defense, DOD has offered free anti-virus software intended for use on members’ home computers. The software is licensed for employees, both military and civilian, courtesy of the Defense Information Systems Agency.
— Stars and Stripes