The website of the National Vulnerability Database (NVD) remains down today, six days after malware was reportedly found on its servers.
Since March 8, users trying to reach NVD’s site have been redirected to a “Site/Page Not Available” announcement, coupled with a note that the site has “experienced an issue with its Web Services and is currently not available.” The website, hosted by the Beltway-based National Institute of Standards and Technology (NIST) lab, has long served as a repository for vulnerability management data and software flaw reporting.
The outage came to light after Kim Halavakoski, chief security officer for a Finnish bank, emailed NVD about it while trying to find some vulnerability information. NIST Director of Public Affairs Gail Porter responded by email, saying that the NVD took its “public-facing” website down after malware was found on two NIST web servers last week and that, while it’s working as quickly as it can to get the website back up, the group doesn’t know exactly when that will be.
Halavakoski broke the news when he reposted Porter’s email on his personal Google+ page: “On Friday March 8, a NIST firewall detected suspicious activity and took steps to block unusual traffic from reaching the Internet. NIST began investigating the cause of the unusual activity and the servers were taken offline. Malware was discovered on two NIST Web servers and was then traced to a software vulnerability,” Porter wrote.
It’s unclear how long the malware was in place initially or if it’s even still there, but Porter insists there was no proof that NVD, or any other NIST web pages for that matter, were used to deliver malware to those who visited the site last week.
In an email to Threatpost on Thursday, Porter confirmed the contents of the email and asserted that NIST is “continuing to respond to the incident.”