U.S. National Vulnerability Database Hacked

The central database of vulnerability and related security information, maintained by NIST, remains down due to malware discovered on the site and traced, ironically, to a software vulnerability

Larry Seltzer, Contributor

March 14, 2013

1 Min Read
Dark Reading logo in a gray background | Dark Reading

The U.S. National Vulnerability Database (NVD) was taken down by its administrators at the National Institute of Standards and Technology last Friday, March 8.

As of this morning, the site shows this message:

"

Site/Page Not Available

The NIST National Vulnerability Database (NVD) has experienced an issue with its Web Services and is currently not available. We are working to restore service as quickly as possible. We will provide updates as soon as new information is available."

Kim Halavakoski, chief security officer at Crosskey Banking Solutions, broke the news on his Google+ page. After trying to retrieve some data from the site and finding it down, Halavakoski contacted the site administrators and received a note explaining the situation. The salient points:

  • On Friday, March 8, a NIST firewall detected suspicious activity and took measures to block traffic related to it.

  • The servers on which the activity was detected were taken down.

  • Malware was discovered on two NIST Web servers.

  • The malware was traced to a software vulnerability.

  • There is no evidence the NVD itself spread malware.

  • NIST has no further information on when the NVD will be back up.

The note was signed by Gail Porter of the NIST Public Inquiries Office.

In a subsequent post, Halavakoski noted that Netcraft data shows NIST had been running IIS 7.5 for years, but after the breach, it was listed as running Linux and Apache. Netcraft's "risk rating" for the site is 0/10.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author

Larry Seltzer

Contributor

Follow Larry Seltzer and BYTE on Twitter, Facebook, LinkedIn, and Google+:

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights