“a state employee mistakenly downloaded a malware-laced tool from a spoofed website”
Why is any randomly downloaded software running on government computers to begin with? Why aren’t these systems and networks locked down better?
Their systems are probably wildly outdated, a monstrous mix-and-match of tech, stuff like that. A private corporation is easier to lock down. With government they have to follow dozens of outdated laws and guidelines, don’t have the freedom private enterprise has.
To categorically prevent that, every computer would need to centrally controlled and managed, which might have been the case here, and the system configuration has to prevent all software that’s not pre-approved from running.
That’s possible too, but could be a pain to tightly manage. It was a privileged user that was spear phished though… the kind of trusted user who might be able to install software on their machine without additional approval.
It’s always phishing.
I’m always amazed at how dumb and incompetent some employees are. It’s really the peak difference between very smart and competent developers making the malware, and the idiots who fall for it.
You must be new to humanity. It’s not really that surprising.
Hey get a load of Dr. Always Competent over here
Removed by mod
Lol what a numpty!
