Menu
US House of Representatives bans Yahoo Mail and Google App Engine over malware concerns

US House of Representatives bans Yahoo Mail and Google App Engine over malware concerns

The bans are in response of cybercriminals abusing those services to spread ransomware and malware

The IT department of the U.S. House of Representatives has blocked access to Yahoo Mail and the Google App Engine platform due to malware threats.

On April 30, the House’s Technology Service Desk informed users about an increase in ransomware related emails on third-party email services like Yahoo Mail and Gmail.

"The House Information Security Office is taking a number of steps to address this specific attack," the Technology Service Desk said in an email obtained and published by Gizmodo. "As part of that effort, we will be blocking access to Yahoo Mail on the House Network until further notice."

The ban on Yahoo Mail access suggests that some House of Representatives workers accessed Yahoo mailboxes from their work computers. This raises the questions: are House workers using Yahoo Mail for official business, and, if they're not, are they allowed to check their private email accounts on work devices?

If they use the same devices for both personal and work activities, one would hope that there are access controls in place to separate the work and personal data. Otherwise, if they are allowed to take those devices outside of the House's network, they could just as easily become infected there, where the ban is not in effect.

"The recent attacks have focused on using .js files attached as zip files to e-mail that appear to come from known senders," the House's Technology Service Desk said. "The primary focus appears to be through Yahoo Mail at this time."

The increase in ZIP and RAR email attachments that contain malicious JavaScript (JS) files has been observed by multiple security companies in recent months, including by Microsoft, which offers several recommendations, like using the Windows AppLocker group policy to restrict the execution of .JS files.

The House Information Security Office also banned access to appspot.com, the domain name used by applications hosted on the Google App Engine platform, Reuters reported.

This ban appears to be unrelated to the ransomware attacks and is in response to indicators that attackers have been using Google's platform to host a remote access trojan named BLT since June 2015, unnamed congressional sources told Reuters.

Banning an entire service because some cybercriminals abuse it seems like overkill, especially when this can cause downtime to legitimate applications. Dropbox, Blogger, Google Docs and many other free services are routinely abused by cybercriminals to host malware. Banning them all, instead of specific malicious URLs, would likely be impractical.

Former House staffer Ted Henderson called the ban a "bumbling response" on Twitter. Henderson is the creator of Capitol Bells, an app that helps users track floor votes taken in real time, and Cloakroom, a chat app for Capitol Hill insiders. Both apps were affected.

"This Brazilian-style cyber security response is muzzling our community," Henderson said, referring to the repeated country-wide blocking of encrypted chat app WhatsApp in Brazil.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments