Sasser not a fed harasser

The Sasser worm, which crawled through unpatched computers running Microsoft Corp. Windows this week, was pretty much a nonevent for federal government offices. Or a success story, as the Homeland Security Department's Lawrence Hale said today.

Hale, deputy director of DHS' National Cyber Security Division, said although there were isolated incidents of computer infections, most federal agencies were well protected when unknown assailants released the Sasser worm on the Internet a week ago.

"We've seen isolated incidents but no mission impact," Hale said.

DHS officials issued an alert about the Sasser worm April 13, the same day that Microsoft officials released a critical security patch to protect computers from attack. Hale said the agency's alert was timed to coincide with Microsoft's.

Apparently, most agencies took advantage of the more than two weeks' lead time to apply the patch. Most patching had been completed before attackers released the Sasser worm to exploit a buffer overflow in a portion of the Windows operating system code known as the Windows Local Security Authority Subsystem Service.

The organization that defends Defense Department computer networks monitored the Sasser worm closely. "We've noticed it, followed it and it had minimal effects on DOD systems," said Tim Madden, spokesman for the Joint Task Force-Computer Network Operations (JTF-CNO).

Madden declined to comment on when JTF-CNO first noticed the Sasser worm, when officials started monitoring it and what kind of minimal effects the computer worm caused to military systems. JTF-CNO, based at the Defense Information Systems Agency, falls under control of Strategic Command, one of nine key military commands that manage missile, space and information operations from Offutt Air Force Base, Neb.

At the Department of Veterans Affairs, "much less than a half of one percent of the devices" that could have been affected by the worm were infected, said Bruce Brody, associate deputy assistant secretary for cyber- and information security. "The primary reason is that the patching [with] the Microsoft security patch initiated in April worked," he said.

There were also reports that a handful of House and Senate offices experienced problems early in the week, but the problems were quickly resolved.

-- Frank Tiboni and Sarita Chourey contributed to this article.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.