By court order, the documents detailing how the virus got in the system were released following a battle between Wired News that lasted nearly a year. Wired News attempted to obtain the details of the virus attack under the Freedom of Information Act. When they were finally reviewed, the documents provided the first official acknowledgement that DHS erred by deliberately leaving more than 1,300 sensitive border screening workstations vulnerable.
The DHS border screening computer system known as US-VISIT is a mix of older databases maintained by various government agencies. This system is then tied to a national network of workstations with biometric readers installed at airports and other points of entry into the United States.
US-VISIT is a $400 million program launched in January 2004 in an effort to secure the U.S. border from terrorists by thoroughly screening visiting foreign nationals. Though the system is comprised of older mainframe databases -- fronted by Windows 2000 workstations installed at nearly 300 airports, seaports and border crossings -- it is relatively secure except for the PC end of the system, according to officials.
The US-VISIT program is supported in concept by the U.S. Government, but its implementation has faced a steady barrage of criticism from congressional auditors concerned over management issues and security problems.
When Microsoft -- which makes the Windows 2000 operating system -- announced the security hole that the Zotob worm exploits back in August of 2005, it took only four days for a teenage virus writer in Morocco to launch it.
The day after the Zotob worm infected the US-VISIT system, DHS publicly acknowledged that the worm was responsible. But by December of 2005, a different story emerged, and an explanation of a routine "computer glitch" was given to the public -- at which time Wired News started requesting information using the Freedom of Information Act in an effort to gain access to the full truth.
###
| Share |