Court extends life support to corrupted government computers

Featured eBooks
CDM
Read Now

Future-Ready Workforce

Read Now

Health Tech

Read Now
Insights & Reports
Redefining Mission Security
Presented By Babel Street
Download Now
Defending government cloud against advancing threats
Presented By CrowdStrike
Download Now
Aliya Sternstein By Aliya Sternstein,
Senior Correspondent

By Aliya Sternstein

|

A New York judge has granted the United States license to sustain servers providing life support to hundreds of thousands of infected federal, corporate and personal computers that were previously set to go dark tomorrow.

The Justice Department obtained a court order to run the machines until July 9, allowing Internet users more time to exterminate the bug known as DNSChanger. The virus functioned by connecting infiltrated computers to rogue servers that would reroute Internet users to fraudulent websites. When U.S. authorities seized the rogue servers as part of a 2011 hacker offensive, they obtained a temporary order to replace the bad machines with clean servers for safe Internet browsing until March 8. The goal was to teach victims how to wean their computers off the stand-in servers.

But many of the roughly 4 million corrupted devices have not been disinfected, according to Justice, so their users could have been forced offline this week without the extension. U.S. District Judge Denise Cote on Monday signed an order permitting the government's partner, the nonprofit Internet Systems Consortium, to maintain the machines and report back in May on how many affected computers are still probing the servers -- a sign they remain infected.

"ISC shall continue to take steps to identify computers that are infected with malicious DNS Changer software by collecting the IP addresses that query the replacement DNS servers," Cote wrote, referring to the Domain Name System the servers use to direct Internet traffic. IP addresses are the numbers that identify a computer's location. The order prohibits authorities from monitoring any content associated with those queries.

Homeland Security officials in late February said they were able to spot victimized government computers through a new surveillance tool that monitors strictly government networks, as well as through private sector support.

According to security firm Internet Identity, at least three out of 55 major U.S. government agencies had a minimum of one infected computer or router as of Feb. 23. The number of contaminated computers has plummeted since earlier this year when the firm reported about half of the major agencies were still affected.

NEXT STORY: Fighting Crazed Veteran Stories