Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Russian Hackers Pilfered Data from NSA Contractor's Home Computer: Report
Oldest First  |  Newest First  |  Threaded View
Page 1 / 2   >   >>
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/6/2017 | 1:59:03 PM
Whose fault?
Contractor --- using a "home" computer without, probable, good security protocols for NSA based high secret work.  What is wrong here?  WHOEVER put the contractor IN there is at fault for not stressing YOU DO NOT DO GOVERMNENT WORK AT HOME!!!  Again, almost Hillary's famous server.  Without at least high end firewalls and such --- well, no wonder it was hacked and HAVING NSA DATA  ON IT is a serious, legal breach indeed.  Do not blame Kapersky on this one. 
Kelly Jackson Higgins
0%
100%
Kelly Jackson Higgins,
User Rank: Strategist
10/6/2017 | 2:36:50 PM
Re: Whose fault?
We just posted an updated report that it was actually an NSA employee, not a contractor. Either way, it's not okay that the nation's spy agency can't keep its classified data safe. Also, if you're going to go back to the email server story, you should also include the recent news about the Kushner & Ivanka Trump personal email accounts being used for White House business, and then being moved to the Trump organization's server. More examples of lax security for sensitive government operations.

Anyway, here's the latest on the NSA:

Russian Hackers Targeted NSA Employee's Home Computer

https://www.darkreading.com/attacks-breaches/russian-hackers-targeted-nsa-employees-home-computer-/d/d-id/1330071?
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/6/2017 | 2:46:59 PM
Re: Whose fault?
You are quite right on email - and there are thousands MORE stories like it - plus ancient mainframe systems being unable to do GLOBAL email, only inernal email.  Reminds me of the old IBM PROFS system - internal email only used by IBM ONLY and nobody who used it had resume value OUTSIDE of IBM. 

And the most recent story about a hacker getting into White House email as Jared Kushner tool

AND the legendary, scare the hell out of you story about China hacking the NUCLEAR FOOTBALL once!!!
Kelly Jackson Higgins
0%
100%
Kelly Jackson Higgins,
User Rank: Strategist
10/6/2017 | 2:54:19 PM
Re: Whose fault?
And don't forget John Kelly's pwnd phone: https://www.darkreading.com/vulnerabilities---threats/john-kellys-personal-phone-compromised/d/d-id/1330068?

=O
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/6/2017 | 3:21:52 PM
Re: Whose fault?
I suppose we may all be thankful that the USA Nuclear command and control seems to be hosted on 1970s vintage mainframe systems of which NOBODY remembers HOW to hack and invade?   Those old System/370 systems, S/34 - 36 and 38 go on forever.  
Kelly Jackson Higgins
0%
100%
Kelly Jackson Higgins,
User Rank: Strategist
10/6/2017 | 3:25:39 PM
Re: Whose fault?
Mainframes for the win!
rdusek483
50%
50%
rdusek483,
User Rank: Apprentice
10/7/2017 | 8:08:48 AM
Security Corrective Action
Internal-External Airgapping needed . . .
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
10/9/2017 | 2:43:27 PM
Re: Security Corrective Action
The virtue of simplicity.  How about NO GOVERNMENT-PRIVATE DATA EVER EVER EVER on a "home" system particularly if you are dealing with SECURITY CLEARANCE ISSUE!!!    I think conseqiuences such as termination, lawsuit, jail can be persuasive.  A home computer IS NOT secure and most government systems sure are not either.  But to add pain to the pudding through a home system exposure is a violation of every sane security law in the book!!!!  RTFM as they used to say ages ago. 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
10/9/2017 | 3:22:22 PM
Re: Whose fault?
> actually an NSA employee, not a contractor.

That's kind of worse, no?

I certainly support work-from-home and telecommuting, but when you're talking about that kind of high-level government work, things need to be vetted for the home office.
Joe Stanganelli
0%
100%
Joe Stanganelli,
User Rank: Ninja
10/9/2017 | 3:27:43 PM
Re: Security Corrective Action
>  I think conseqiuences such as termination, lawsuit, jail can be persuasive. 

While I don't disagree with your overall reaction, there are certain problems with immediately going to extreme retributive measures when it comes to this stuff. At the end of the day, it's shadow IT -- and if you unrelentingly flog the peasants every time something like this comes to light, you're going to discourage self-reporting of security incidents for other employees who may be violating IT rules.

Perhaps the employee should be fired, but that shouldn't be the one-size-fits-all insta-solution for every IT violation. Otherwise, you risk not finding out about compromises until it's far too late because employees will fear for their jobs.
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-37001
PUBLISHED: 2021-10-28
There is a Register tampering vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow the register value to be modified.
CVE-2021-37002
PUBLISHED: 2021-10-28
There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed.
CVE-2021-22483
PUBLISHED: 2021-10-28
There is a issue of IP address spoofing in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS.
CVE-2021-22485
PUBLISHED: 2021-10-28
There is a SSID vulnerability with Wi-Fi network connections in Huawei devices.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22486
PUBLISHED: 2021-10-28
There is a issue of Unstandardized field names in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.