Network Malware Prevention

Who:     All State Network Computer Users

Summary: 

As part of its ongoing efforts to improve the protection of State of Vermont information systems against the exploits of cyber-criminals, the Department of Information and Innovation (DII) will be rolling out enhanced computer network security features in the coming weeks.

This memo describes the nature of these new capabilities and explains what users of computers in State government should expect to see.

When will this change occur:  September 22nd, 2015 at 12:00 p.m.

What Is Changing:

Beginning Monday, September 22nd, 2015, at noon, when a user visits a known malicious website or attempts to download malware, the network connection will be blocked.

More Information:

State of Vermont information systems are under constant attack. State computer network intrusion prevention systems detect and block attacks against State computers every minute of every day. These security systems also continuously filter "malware" (software that is intended to damage or disable computers and computer systems) from email messages entering Vermont government computer networks.

These network defenses have been largely invisible to users.

Along with malware-infected email messages, one of the principal methods of transmission of computer malware is users' inadvertently visiting malicious web sites. In the course of a single day, State computer network security systems detect thousands of such visits to malicious web sites.

Those malicious web sites, in addition to infecting users' computers with malware, may also be used to trick users into revealing confidential information, either by impersonating a legitimate web site or by relying on the fact that people often reuse the same passwords on different systems.

What Users Will See

For the most part, users will see nothing, as most users do not visit malicious web sites or download malware.  Sometimes users respond to "phishing" email messages containing links to malicious web sites; and sometimes innocent web sites are "hacked" and then used to infect visitors' computers with malware. In these cases, State computer network intrusion prevention systems might intercept the transmissions and present a warning to the users.

Screenshot of blocked website 

This warning explains the interruption and provides instructions for users who believe that the interruption might be in error.

What You Can Do

We are requesting that you let your users know about the new computer network security features, so they will not be confused if they encounter an unfamiliar message in their web browser.

If you have any questions, please contact DII Service Desk at 802-828-6620, option 1, or enter a LANDesk ticket if there are any issues.  Please provide the URL and category shown so we can follow up.

Department of Information and Innovation
133 State Street
Montpelier, VT 05633
(802) 828-4141

For Customer Support, please call 802-828-6620 or toll free 855-828-6620

  • DII Service Desk:   Option 1
  • DII Telecom Helpdesk:  Option 2
  • DII Mainframe Helpdesk:   Option 3
     
  • Vision/HR Helpdesk: 802-828-6700