Hard at Work: Government Network 'Exploited' by Malware, Thanks to Russian Porn Sites
All because one public servant downloaded porn onto his government-owned laptop.
Work and play don't always mix, particularly if your work involves a government-owned computer and your play consists of Russian porn sites.
That's the main takeaway from an October 17 report published by the Department of the Interior's Office of Inspector General (OIG). The report was the climax of an investigation into why an employee's work computer became "compromised and infected with malware."
The employee in question, whose name is redacted, worked for the U.S. Geological Survey (USGS) at the Earth Resources Observation and Science (EROS) Center, a South Dakota–based satellite imaging facility. The worker is no longer employed there, OIG External Affairs Director Nancy DiPaolo tells Nextgov.
According to the report, the employee "knowingly used U.S. Government computer systems to access unauthorized internet web pages," and those pages "hosted malware." After being downloaded onto the employee's work laptop, the malware "exploited the USGS' network."
So where did the malware come from? The OIG makes it pretty clear:
Our digital forensic examination revealed that [redacted] had an extensive history of visiting adult pornography websites. Many of the 9,000 pages [redacted] visited routed through websites that originated in Russia and contained malware.
The report also says the images were "saved to an unauthorized USB device and personal Android cell phone" that the employee had connected to the laptop. Likely as a result, the phone was infected as well.
The employee's actions represented a violation of at least two Interior Department rules. Workers are not supposed to view pornographic images on department systems, and they're prohibited from plugging their personal devices into work computers. The fact that the worker was able to access the porn sites and download the images via the laptop's USBs represent "two vulnerabilities in the USGS' IT security posture," the report says.
The employee didn't damage national security—an OIG spokesperson tells TechCrunch that the EROS Center is not in charge of any classified networks. Regarding the specific type of malware, the spokesperson was less helpful, saying only that it "helps enable data exfiltration and is also associated with ransomware attacks."
This unnamed employee is far from the first federal worker to mix porn with work. Back in 2014, Reason's Peter Suderman reported on an Environmental Protection Agency employee who admitted to spending 2–6 hours a day watching porn on the job. According a 2017 investigation from WRC-TV, nearly 100 federal workers were caught red-handed and/or confessed to watching porn at work in the previous five years.
Ladies and gentlemen: That's your tax dollars hard at work.