Risk
3/17/2005
12:30 PM
Commentary
Commentary
Commentary
50%
50%

Giving Aid To The Enemy

Cybercrooks don't need any extra help, but they're getting it from their victims. Look what happened at the Internal Revenue Service.

Cybercrooks don't need any extra help, but they're getting it from their victims. Look what happened at the Internal Revenue Service.More than one-third of IRS workers and their bosses freely gave up their computer logins to callers who identified themselves as computer technicians trying to fix a network problem. In reality, they were inspectors from the Office of the Inspector General for Tax Administration at the Treasury Department.

Auditors recently contacted 100 IRS employees, asking them to provide their network logins and temporarily changed their passwords. Thirty-five workers and managers gave them up. That's still better than the 71 IRS staffers who volunteered their passwords during a similar test four years ago.

According to an AP report, some agency employees said they weren't aware of the hacking technique and never suspected foul play. They just wanted to help a computer technician. A few workers were suspicious because they couldn't find the caller's name in the IRS global employ directory, but they surrendered their passwords anyway. Others wavered, but got a say-so from their bosses to cooperate.

Two days after the test, the IRS issued an E-mail alert about the hacking technique and commanded workers to notify security officials if they get such calls.

Now, if only those IRS employees can be as trusting with my tax return as they were with the faux technicians when they gave up their passwords.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-3966
Published: 2015-08-30
The IPsec SA establishment process on Innominate mGuard devices with firmware 8.x before 8.1.7 allows remote authenticated users to cause a denial of service (VPN service restart) by leveraging a peer relationship to send a crafted configuration with compression.

CVE-2015-4555
Published: 2015-08-30
Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vect...

CVE-2015-5698
Published: 2015-08-30
Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2015-4497
Published: 2015-08-29
Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token...

CVE-2015-4498
Published: 2015-08-29
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point i...

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.