Protecting the U.S. nuclear arsenal from spam

August 26th, 2007

In yesterday’s Washington Post Security Fix blog, Brian Krebs posted “Pharmacy Spam Blogs At U.S. Nuclear Safety Lab”.

“The Web site for the institution charged with safeguarding the safety and integrity of the U.S. nuclear arsenal has been inadvertently hosting advertisements and blogs that link to illegal prescription drug sites hawking everything from generic painkillers to erectile dysfunction medication, Security Fix has learned. Dozens of pages belonging to the official Web site of Lawrence Livermore National Labs appear to have been seeded with the unauthorized advertisements.”

Ouch! I have some sympathy for LLNL — we’ve been burned several times when we have not kept our software up to date and a vulnerability is discovered. On the other hand, we don’t share LLNL’s mission of being “responsible for ensuring that the nation’s nuclear weapons remain safe, secure, and reliable”. At least it is somewhat reassuring that the compromised LLNL sites are not directly involved with the core mission of nuclear safety, but focused on conferences, speech research and publicity.

The spam doesn’t seem to be associated with blogs, per se. It’s a bit hard to tell what the context is since the sites are offline, so you have to poke around in Google’s cache and the Internet Archive.

Since we were last hacked in early July, we’ve been monitoring visits to our web site that seem suspicious and see many attempts every day to gain access, typically through crude password guessing and more sophisticated SQL injection attempts.