- Texas man arrested for powder-letter hoax
- Islamic State opens ‘marriage bureau’ for single jihadists
- Drone almost blocks California firefighting planes
- Tornado rips off roofs, downs trees near Boston
- GOP: Environmental rules keeping agents from accessing border
- John Kerry: Millions displaced by religious fighting in 2013
- Federal appeals court rules against Virginia’s gay marriage ban
- White House says Russia ‘losing’ war in Ukraine
- Hamas turns to North Korea for weapons deal, Iran for money
- Syrian casualties surge as jihadis consolidate
Users of some D.C. online services get malware warning
Question of the Day
Local residents looking to pay parking tickets or use other online services from the D.C. government in the past week were greeted with an ominous message, saying their use of the city's website could expose them to malicious software.
The alert was a result of something or someone, such as a computer user looking to exploit weaknesses in the system, trying to burrow into the D.C. Community Calendar application on July 31, city officials said.
Ayanna Smith, spokeswoman for the office of the chief technology officer (OCTO), said the attack was resolved within a day and did not compromise any personal information or pose a threat to users' computers. But people who later logged onto apps.dc.gov encountered a message from Google, which trolls the Web for potentially dangerous sites, that warned: "The website you are visiting appears to contain malware."
The incident raised eyebrows among users who wanted to pay their parking tickets — fines double if they wait too long — or use other online services offered by the District.
Joshua Miller, 34, who lives in the Brightwood neighborhood of Northwest, was among several people who logged onto Twitter to ask the D.C. Department of Motor Vehicles whether its site was safe. He wanted to schedule an inspection but was not satisfied with the agency's response to his query.
"Instead of saying, 'No, there's no problem,' they said, 'You need to use a browser other than Chrome,'" Mr. Miller said. "That's the equivalent of saying, 'Turn off your antivirus package and you'll stop getting notices that your computer is infected.'"
DMV spokeswoman Vanessa Newton said Tuesday the agency's website is secure, "and the public can continue to pay tickets as well as conduct other DMV business online."
But the episode shined a light on the vulnerabilities attached to an increasingly cyber-based world. The District, like other governments, is leveraging user-friendly programs and apps that make it easier to tackle the concerns of city life, such as feeding the parking meter or sounding off on city agencies.
Ms. Smith acknowledged that it would be understandable for customers to be wary of entering their private payment information after seeing the message, which interrupted browsing with a warning inside a red-bordered box. It informed users of the potential malware and allowed them to click "Ignore Warning" or "Go Back."
The screen also directed users to a Google diagnostics page, which said app.dc.gov was "suspicious" but had not hosted malware or served as an intermediary for infection of any other sites. Its testing over the past 90 days, however, showed "two pages resulted in malicious software being downloaded and installed without user consent."
Google launched its Safe Browsing system five years ago to guard against malicious content on the Internet among its search results and ads as well as content on popular browsers such as Chrome, Firefox and Safari. While Google does not comment on specific websites, "our systems appear to be working as intended," spokesman Jay Nancarrow said.
In general, small businesses that use common, commodity software are targeted for malware attacks more frequently than larger entities, said Maxim Weinstein, executive director of Stop Badware, a nonprofit organization that works to eliminate malware, spam and other invasive Web applications.
"I wouldn't say we see it extensively on government sites," he said, noting "Google's detection accuracy is extremely high, without coming up with many false positives."
But, he added, it is not uncommon for warning messages to linger after an issue has been resolved — calling ongoing attention to what can be an embarrassing situation.
OCTO is working "diligently" with Google to take down the message, Ms. Smith said.
"Once the bad content has been removed, the site owner can file a reconsideration request," Mr. Nancarrow said. "If the offending content is indeed gone, the warning will come down."
It was not the first time city residents encountered a hiccup on D.C. websites.
In April, city government sites in New York City and the District failed to load intermittently for hours on end. The "denial of service attacks" reportedly were launched by hacker group UGNazi as part of a protest against the governments, although it was unclear whether the true target was the federal government seated in the District. That type of invasion is far more serious than what occurred last week.
The community calendar at the source of the D.C. incident does not house confidential information, "so the 'attack' was more of an inconvenience than a threat to users," Ms. Smith said via email.
However, she said, OCTO is re-creating the D.C. Community Calendar application with more current and secure features.
© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.
About the Author
Tom Howell Jr. covers politics for The Washington Times. He can be reached at firstname.lastname@example.org.
- Very religious still lean toward GOP, reflecting long-term patterns, Gallup poll shows
- Number-crunchers put GOP chances of retaking Senate at 60 percent: report
- Rep. Mike Rogers: Lock Israel-Palestine negotiators in a room
- Medicare trust fund to last 4 years longer: Obama administration
- Fla. voters' support for medical marijuana bodes well for ballot measure: poll
Latest Blog Entries
TWT Video Picks
By David Keene
Allowing states to innovate could reduce dependency on bureaucracy
- D.C. seeks to stay judge's order allowing gun owners to carry in public
- Hillary Clinton: Forget Obama, George W. Bush made her 'proud to be an American'
- Illegal immigrants demand representation in White House meetings
- Iraqi Christians rally at White House: 'Obama, Obama, where are you?'
- Border surge puts Obama legacy on immigration at stake
- Tennessee Gov. Haslam slams White House for secret dump of illegals in his state
- Romney would win popular vote in rematch against Obama: CNN poll
- Babson College, BYU win top spots in Money magazine's college rankings
- White House says Russia 'losing' war in Ukraine
- D.C. plans to seek stay of order striking down ban on handguns in public
Obama's biggest White House 'fails'
Celebrities turned politicians
Athletes turned actors
20 gadgets that changed the world
Fighting in Iraq