Dept of Homeland Security caused 'mini-DDoS'
Published: 05 Oct 2007 16:24 BST
A contractor for the US Department of Homeland Security has initiated "a mini denial of service" against thousands of security professionals, according to Marcus H Sachs, the director of the SANS Internet Storm Center, a community that monitors global security threats.
A technical slip-up by a government contractor saw many US security professionals clogging up each other's email inboxes, said Sachs.
On Wednesday morning the Department of Homeland Security (DHS) sent its daily Open Source Intelligence Report to "a subscription list of hundreds, perhaps thousands of recipients", wrote Sachs in a blog post. A reader replied to the list address with a request for a change, and his email was re-sent to all of the list subscribers.
"In the next hour or so, dozens of readers have replied, creating a mini-DDoS of sorts to the subscriber's inboxes," wrote Sachs.
Almost half of the emails were either pleas to stop sending more emails, or people demanding to be unsubscribed, despite the fact that unsubscribe instructions are at the bottom of the DHS daily reports, wrote Sachs.
Subscribers to the mailing list included anti-terrorism professionals and military defence personnel.
"This is your combating terrorism office for DoD asking you to kindly stop now please. We actually have work to do," wrote Michael Kinder of the US Department of Defence Technical Support Working Group, according to a blog post on Wired.com.
Read this
ZDNet.co.uk wins Best Business Website award
An innovative mix of Web 2.0 techniques with a solid editorial product has helped ZDNet.co.uk win the online publishing industry's top award...
Many of the posts were humorous, some offered jobs, at least one was a political advertisement, and many more offered their names and contact information in case somebody was looking to connect with their sector or region, according to Sachs.
However, the email administration mistake had more serious security implications: it also "revealed a nice cross-section of who subscribes to DHS daily publications and consider themselves part of the defensive security community", according to Sachs.
Some of the respondents revealed their email addresses, and also left their email signatures with names, job titles and classified contact details in their response emails.
After a reply was sent to everyone on the mailing list from an employee of the Ministry of Defence of Iran, one of the mailing list recipients wrote: "Folks, wise up. This is an open report that anyone with an email address can subscribe to. Although some of your responses have been humorous, to say the least, you are opening doors to people that you do not want to."
SANS said the incident was "quite likely" to have been caused by an email administrator who "either clicked a box last night, rebuilt the system, migrated it to a new server, or did something that un-set a setting designed to prevent this type of event".
Did you find this article useful?
12 out of 15 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
