Sasser not a fed harasser

The Sasser worm, which crawled through unpatched computers running Microsoft Corp. Windows this week, was pretty much a nonevent for federal government offices. Or a success story, as the Homeland Security Department's Lawrence Hale said today.

Hale, deputy director of DHS' National Cyber Security Division, said although there were isolated incidents of computer infections, most federal agencies were well protected when unknown assailants released the Sasser worm on the Internet a week ago.

"We've seen isolated incidents but no mission impact," Hale said.

DHS officials issued an alert about the Sasser worm April 13, the same day that Microsoft officials released a critical security patch to protect computers from attack. Hale said the agency's alert was timed to coincide with Microsoft's.

Apparently, most agencies took advantage of the more than two weeks' lead time to apply the patch. Most patching had been completed before attackers released the Sasser worm to exploit a buffer overflow in a portion of the Windows operating system code known as the Windows Local Security Authority Subsystem Service.

The organization that defends Defense Department computer networks monitored the Sasser worm closely. "We've noticed it, followed it and it had minimal effects on DOD systems," said Tim Madden, spokesman for the Joint Task Force-Computer Network Operations (JTF-CNO).

Madden declined to comment on when JTF-CNO first noticed the Sasser worm, when officials started monitoring it and what kind of minimal effects the computer worm caused to military systems. JTF-CNO, based at the Defense Information Systems Agency, falls under control of Strategic Command, one of nine key military commands that manage missile, space and information operations from Offutt Air Force Base, Neb.

At the Department of Veterans Affairs, "much less than a half of one percent of the devices" that could have been affected by the worm were infected, said Bruce Brody, associate deputy assistant secretary for cyber- and information security. "The primary reason is that the patching [with] the Microsoft security patch initiated in April worked," he said.

There were also reports that a handful of House and Senate offices experienced problems early in the week, but the problems were quickly resolved.

-- Frank Tiboni and Sarita Chourey contributed to this article.


  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.