 |
Practical Guide to Database Security Download here |
Defense Worker Arrested After Accessing Unauthorized Data
Employee ignored automated security warnings, law enforcement saysSep 15, 2009 | 05:23 PM
By Tim WilsonDarkReading
A federal government employee is under arrest this week after venturing into a classified system he was not authorized to access.
According to an affidavit (PDF) filed on Friday in Virginia and posted in a Wired magazine article yesterday, Brian Keith Montgomery used the password he had obtained legitimately for another classified message to access data about a terrorism investigation by the FBI and the U.S. Army.
Montgomery works for the National Geospatial-Intelligence Agency, a spy agency that collects aerial and satellite data. According to the affidavit, Montgomery was working on a covert operation that was unrelated to the terrorism investigation, and although he had some privileges to classified data, he was not authorized to access the terrorism system.
The affidavit says Montgomery ignored automated security warnings that told him not to proceed, even though he had a working password. Montgomery says he saw the warnings, but didn't read them and didn't know the system was being monitored by the FBI.
Montgomery was on the system for two hours on April 9, and accessed the system again on April 14, according to the affidavit.
Although there is no indication that Montgomery did anything with the data, he is accused of endangering the investigation and causing "harm" to the FBI and the Army. He is charged with a single count of gaining unauthorized access to a protected computer.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
Subscribe to RSSInsider Threat Reports
Inside Out: Protecting Your Partnerships -- and Your Data
Today's businesses depend on e-commerce among partners, but allowing third parties to access internal networks may endanger your data. How can IT security pros ensure that contractors, supplies and others get the access they need -- without becoming threats? This report offers some answers.
Rotten Apples: How To Detect And Stop Malicious Insiders In Your Organization
Most data leaks are unintentional - but in every enterprise, there are a few hard cases that defy this truism and threaten the very heart of your data.What can you do to stop these rotten apples from using their intimate knowledge of your organization - and its data access methods - to wreak havoc? This report offers a detailed look at how malicious insiders might attack your data, how they’re motivated, and what you can do to stop them.
Understanding The Insider Threat
Think you know your trusted users? Think again. The availability of new Internet technologies and the pressures of a spiraling economy are changing the nature of the data breach, and your employees may have their fingers on the trigger. This report offers a look at the full spectrum of insider threats, and the risks associated with each.
Well-Meaning Employees -- And How To Stop Them
The most dangerous threat to your data isn't hackers or criminal insiders: it's the well-meaning employee, whose missteps may lead to the unintentional leak of your most sensitive corporate data. Learn how employees accidentally expose sensitive information, and how you can keep those good intentions from paving the road to your company's ruin.
Insider Threat Newsfeed
- Smart Card Alliance Healthcare Council Plans Identity Management Focus For Upcoming Year
- SPYRUS Ships Secure Storage Devices With FIPS 140-2 Encryption
- InfoExpress Adds Virtual Appliance To Its CyberGatekeeper Family Of NAC Products
- New Email Threat Poses As Local Parcel Firms
- Apache Software Foundation Announces Apache SpamAssassin Version 3.3.0
- PGP Corporation Announces New Data Protection Solutions For Mac And Linux Enterprise Users
MORE NEWSFEED >>>
