Who: All State Network Computer Users
As part of its ongoing efforts to improve the protection of State of Vermont information systems against the exploits of cyber-criminals, the Department of Information and Innovation (DII) will be rolling out enhanced computer network security features in the coming weeks.
This memo describes the nature of these new capabilities and explains what users of computers in State government should expect to see.
When will this change occur: September 22nd, 2015 at 12:00 p.m.
What Is Changing:
Beginning Monday, September 22nd, 2015, at noon, when a user visits a known malicious website or attempts to download malware, the network connection will be blocked.
State of Vermont information systems are under constant attack. State computer network intrusion prevention systems detect and block attacks against State computers every minute of every day. These security systems also continuously filter "malware" (software that is intended to damage or disable computers and computer systems) from email messages entering Vermont government computer networks.
These network defenses have been largely invisible to users.
Along with malware-infected email messages, one of the principal methods of transmission of computer malware is users' inadvertently visiting malicious web sites. In the course of a single day, State computer network security systems detect thousands of such visits to malicious web sites.
Those malicious web sites, in addition to infecting users' computers with malware, may also be used to trick users into revealing confidential information, either by impersonating a legitimate web site or by relying on the fact that people often reuse the same passwords on different systems.
What Users Will See
For the most part, users will see nothing, as most users do not visit malicious web sites or download malware. Sometimes users respond to "phishing" email messages containing links to malicious web sites; and sometimes innocent web sites are "hacked" and then used to infect visitors' computers with malware. In these cases, State computer network intrusion prevention systems might intercept the transmissions and present a warning to the users.
This warning explains the interruption and provides instructions for users who believe that the interruption might be in error.
What You Can Do
We are requesting that you let your users know about the new computer network security features, so they will not be confused if they encounter an unfamiliar message in their web browser.
If you have any questions, please contact DII Service Desk at 802-828-6620, option 1, or enter a LANDesk ticket if there are any issues. Please provide the URL and category shown so we can follow up.