The National Vulnerability Database (NVD) at the National Institute of Standards and Technology (NIST), is under attack and offline after officials found malware on two web servers.
The NVD is a U.S. Government repository of vulnerability information.
Users trying to reach NVD’s site since last Friday ended up redirected to a “Site/Page Not Available” announcement, coupled with a note that the site has “experienced an issue with its Web Services and is currently not available.”
As a result of the site being down, NIST Director of Public Affairs Gail Porter responded to queries with an email saying the NVD took its “public-facing” website down after they found malware on two NIST web servers last week and that while it’s working as quickly as it can to get the website back up, the group doesn’t know when that will be.
Kim Halavakowski, chief security officer for a Finnish bank, who queried Porter about the site reposted Porter’s email, saying: “On Friday March 8, a NIST firewall detected suspicious activity and took steps to block unusual traffic from reaching the Internet. NIST began investigating the cause of the unusual activity and the servers were taken offline. Malware was discovered on two NIST Web servers and was then traced to a software vulnerability.”
It remains unclear how long the malware was in place, but Porter insists there was no proof that NVD or any other NIST web pages for that matter ended up delivering malware to those that visited the site last week.
The organization is following its own guidance on malware incident handling, which does include advice on restricting network access to systems while working on clearing up an infection. No planned date for restoration of services is available.