Infected E-Mail Makes a Poor Ambassador
Thursday June 21, 2007 at 10:17 am CST
Posted by Shane Keats
Relations between the United States and Russia have been a bit testy of late, but is that any reason for those interested in the U.S. perspective to start receiving virus-laden e-mails? Yes, you read that right.
At the United States Moscow Embassy Web site, we signed up anonymously at the “Information Resource Center” over the course of several months with two unique addresses. Both times, we received e-mails containing the W32/Stration.dr virus.
This could indicate a number of things. At minimum, the e-mail addresses submitted to moscow.usembassy.gov are not secure. It could be that some information (specifically e-mail addresses) is insecure or accessible by an outside party, or it could be that someone with access to this list is infected with a virus. To be clear, we don’t think the U.S. government is deliberately sending infected e-mails. But the fact that this occurred to two separate e-mail accounts submitted on two separate occasions does make it unlikely that this is a fluke.
Tom Goetz, the engineer who handles SiteAdvisor’s e-mail testing, is the one who noticed this nugget of data among the many millions of e-mail tests we’ve run. This is the first dot gov Web site that McAfee has rated “red.” Tom notes that we started scanning test-generated e-mail for viruses about 10 months ago. During that period, we found 17,434 infected e-mails–out of the roughly 18 million we received over the last 12 months. That’s about one-tenth of a percent.
The e-mails were part of a mailing list that included things such as press releases. Maybe someone at the State Department just doesn’t like journalists. Or maybe the United States is the new proxy in Estonia’s cyberwar with Russia.
Whatever the cause, we’ve alerted the proper authorities.