The US government's travel site (GovTrip) was hacked with a URL redirect method, and there is fear that malicious code was introduced into users’ computing devices, according to ComputerWorld and Network World articles. This site is used by government workers in the following agencies and departments, among others: Environmental Protection Agency, the Department of Energy, the Department of Health and Human Services, the Department of the Interior, the Department of Transportation and the Treasury Department. Workers use the site for travel planning and travel expense reimbursements.
The simultaneously novel and threatening aspect of this approach is that it is not the typical frontal assault on the most secure agencies of national and information security (DoD, NSA, etc.) but rather an attack on a seemingly benign website, one that is used by enough government workers throughout enough of the key departments, such as Energy and Treasury, to have a potentially huge impact. Don’t confuse this with admiration for the perpetrators; it is rather an acknowledgment of how many “holes” exist in the fabric of the information infrastructure of the US government and economy.
There is both intranet and public Internet access to this site. If any of the computing devices accessing this site from the public Internet side also have access to classified or secure networks in their respective agencies, that is where the greatest threat to information and network security lies in the event malicious code is propagated. Imagine a botnet running within the Department of Energy network where nuclear site protection and operating procedures are stored… no, I don’t want to imagine.