Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Russian Hackers Pilfered Data from NSA Contractor's Home Computer: Report
Oldest First  |  Newest First  |  Threaded View
Page 1 / 2   >   >>
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/6/2017 | 1:59:03 PM
Whose fault?
Contractor --- using a "home" computer without, probable, good security protocols for NSA based high secret work.  What is wrong here?  WHOEVER put the contractor IN there is at fault for not stressing YOU DO NOT DO GOVERMNENT WORK AT HOME!!!  Again, almost Hillary's famous server.  Without at least high end firewalls and such --- well, no wonder it was hacked and HAVING NSA DATA  ON IT is a serious, legal breach indeed.  Do not blame Kapersky on this one. 
Kelly Jackson Higgins
0%
100%
Kelly Jackson Higgins,
User Rank: Strategist
10/6/2017 | 2:36:50 PM
Re: Whose fault?
We just posted an updated report that it was actually an NSA employee, not a contractor. Either way, it's not okay that the nation's spy agency can't keep its classified data safe. Also, if you're going to go back to the email server story, you should also include the recent news about the Kushner & Ivanka Trump personal email accounts being used for White House business, and then being moved to the Trump organization's server. More examples of lax security for sensitive government operations.

Anyway, here's the latest on the NSA:

Russian Hackers Targeted NSA Employee's Home Computer

https://www.darkreading.com/attacks-breaches/russian-hackers-targeted-nsa-employees-home-computer-/d/d-id/1330071?
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/6/2017 | 2:46:59 PM
Re: Whose fault?
You are quite right on email - and there are thousands MORE stories like it - plus ancient mainframe systems being unable to do GLOBAL email, only inernal email.  Reminds me of the old IBM PROFS system - internal email only used by IBM ONLY and nobody who used it had resume value OUTSIDE of IBM. 

And the most recent story about a hacker getting into White House email as Jared Kushner tool

AND the legendary, scare the hell out of you story about China hacking the NUCLEAR FOOTBALL once!!!
Kelly Jackson Higgins
0%
100%
Kelly Jackson Higgins,
User Rank: Strategist
10/6/2017 | 2:54:19 PM
Re: Whose fault?
And don't forget John Kelly's pwnd phone: https://www.darkreading.com/vulnerabilities---threats/john-kellys-personal-phone-compromised/d/d-id/1330068?

=O
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/6/2017 | 3:21:52 PM
Re: Whose fault?
I suppose we may all be thankful that the USA Nuclear command and control seems to be hosted on 1970s vintage mainframe systems of which NOBODY remembers HOW to hack and invade?   Those old System/370 systems, S/34 - 36 and 38 go on forever.  
Kelly Jackson Higgins
0%
100%
Kelly Jackson Higgins,
User Rank: Strategist
10/6/2017 | 3:25:39 PM
Re: Whose fault?
Mainframes for the win!
rdusek483
50%
50%
rdusek483,
User Rank: Apprentice
10/7/2017 | 8:08:48 AM
Security Corrective Action
Internal-External Airgapping needed . . .
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/9/2017 | 2:43:27 PM
Re: Security Corrective Action
The virtue of simplicity.  How about NO GOVERNMENT-PRIVATE DATA EVER EVER EVER on a "home" system particularly if you are dealing with SECURITY CLEARANCE ISSUE!!!    I think conseqiuences such as termination, lawsuit, jail can be persuasive.  A home computer IS NOT secure and most government systems sure are not either.  But to add pain to the pudding through a home system exposure is a violation of every sane security law in the book!!!!  RTFM as they used to say ages ago. 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
10/9/2017 | 3:22:22 PM
Re: Whose fault?
> actually an NSA employee, not a contractor.

That's kind of worse, no?

I certainly support work-from-home and telecommuting, but when you're talking about that kind of high-level government work, things need to be vetted for the home office.
Joe Stanganelli
0%
100%
Joe Stanganelli,
User Rank: Ninja
10/9/2017 | 3:27:43 PM
Re: Security Corrective Action
>  I think conseqiuences such as termination, lawsuit, jail can be persuasive. 

While I don't disagree with your overall reaction, there are certain problems with immediately going to extreme retributive measures when it comes to this stuff. At the end of the day, it's shadow IT -- and if you unrelentingly flog the peasants every time something like this comes to light, you're going to discourage self-reporting of security incidents for other employees who may be violating IT rules.

Perhaps the employee should be fired, but that shouldn't be the one-size-fits-all insta-solution for every IT violation. Otherwise, you risk not finding out about compromises until it's far too late because employees will fear for their jobs.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7814
PUBLISHED: 2020-07-10
RAONWIZ v2018.0.2.50 and eariler versions contains a vulnerability that could allow remote files to be downloaded and excuted by lack of validation to file extension, witch can used as remote-code-excution attacks by hackers File download & execution vulnerability in ____COMPONENT____ of RAONWIZ...
CVE-2020-5607
PUBLISHED: 2020-07-10
Open redirect vulnerability in SHIRASAGI v1.13.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2020-15001
PUBLISHED: 2020-07-09
An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is intended to prevent unauthorized changes to OTP configurations. The access code is not checked when u...
CVE-2020-15092
PUBLISHED: 2020-07-09
In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Most T...
CVE-2020-15093
PUBLISHED: 2020-07-09
The tough library (Rust/crates.io) prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumvent TUF requiring a minimum threshold of unique signatures before the metadata is considered valid. A ...