Russian malware found infecting a US government network got the in from a US Geological Survey employee who violated agency rules about watching porn on a government-issued computer. That's according to a Oct. 17 report by the Department of the Interior's inspector general, which found the unnamed employee used a government-issued computer to visit some 9,000 adult video sites, including many associated with Russian websites containing malware. That malware, linked to ransomware attacks and designed to steal data from infected devices, infiltrated the USGS network at the Earth Resources Observation and Science (EROS) Center in South Dakota, reports TechCrunch. Nextgov reports the employee no longer works at the agency.
Their "extensive history of visiting adult pornography websites" clashed with rules prohibiting the use of government networks to view pornography, agreed upon "several years prior to detection," the report notes. The employee also broke rules against connecting unauthorized devices to the computer. Videos were saved to a USB drive, and a personal Android cellphone also infected with malware, per the BBC. TechCrunch reports there were no threats to national security as the EROS Center, a satellite imaging facility monitoring land surface, doesn't operate classified networks. Still, auditors recommend USGS enforce blacklists of banned websites and do more to stop employees from connecting personal devices to government computers. (Ted Cruz once "liked" a porn clip, but then he called it a mistake.)