Why Credit Monitoring Fails to Address the Real Threat Facing Hacked Feds

By Eric Katz
June 11, 2015

In response to what was one of the largest data breaches in American history, the Office of Personnel Management has offered 4 million current and former federal employees free credit monitoring and identity theft insurance.

That approach may completely miss the mark, experts say.

Media reports and now lawmakers have said that state actors, likely from China, appear to be behind the attack, rather than individuals looking to exploit employees’ financial information. Credit monitoring, therefore, is a nice offer but one that is unlikely to protect federal employees from their adversaries’ true intentions.

“Credit reporting is lip service,” said Richard Blech, CEO of Secure Channels Inc., a cybersecurity firm that provides encryption technology and authentication services. “It means nothing.”

Ken Ammon, chief strategy officer for Xceedium, a network security company that contracts with the government and commercial enterprises, said credit monitoring is fine as a “first step,” though it serves more to protect the infiltrated organization legally than it does the individual from bad actors.

Experts refer to the hack as “cyber espionage,” rather than “cyber crime.” Individuals that illegally obtain data such as Social Security numbers and addresses can use that information for identity theft as it relates to credit card information, for example, but state actors do not hold those same interests.

https://www.govexec.com/defense/2015/06/why-credit-monitoring-fails-address-real-threat-facing-hacked-feds/115090/?oref=relatedstories

New Wave of Federal Workers to be notified that their Data Was Hacked

By Eric Katz
June 16, 2015

The Office of Personnel Management will notify many more individuals their personal information was compromised than the 4.2 million current and former federal employees the agency initially informed, officials said on Tuesday.

The timing of the second round of notifications, as well as the number of employees who will receive them, is still unknown by OPM. The agency’s director, Katherine Archuleta, confirmed to a congressional panel that OPM discovered, in the course of looking into the initial hack it uncovered in April, a second hack that targeted background investigation and security clearance data.

Archuleta said it will notify those who went through background investigations their data was compromised “as soon as practicable,” with OPM’s Chief Information Officer Donna Seymour adding the agency first had to identify exactly whose information was hacked. The initial notifications began going out June 8 and will continue through June 19.

Representatives from the Homeland Security Department, Office of Management and Budget, Interior Department — where OPM’s hacked servers were housed — and OPM all said they were taking steps to upgrade systems and boost security protocols. The other agencies noted, however, the hack was OPM’s responsibility. Archuleta said, in turn, she inherited “decades old” legacy systems that she was doing her best to modernize.

https://www.govexec.com/pay-benefits/2015/06/opm-will-soon-notify-new-wave-workers-their-data-was-hacked/115441/?oref=govexec_today_nl

4 million fed workers victimized by hack

By Cory Bennett – 06/04/15 05:17 PM EDT

Roughly 4 million current and former federal employees have had their data exposed by a hack, the Obama administration said Thursday.

The notification from the Office of Personnel Management (OPM) was short on details, but it appears troves of sensitive information had been pilfered.

Separate media reports cited China as being behind the massive hack.

The digital assailants first infiltrated the system in December, four months before they were discovered, The Washington Post reported.

“Protecting our Federal employee data from malicious cyber incidents is of the highest priority at OPM,” said OPM Director Katherine Archuleta. “We take very seriously our responsibility to secure the information stored in our systems.”

The FBI said it had opened up an investigation into the breach, which The Wall Street Journal reported is believed to have come from hackers in China.

An unnamed U.S. official told NBC News that the data breach might touch every federal agency.

A Department of Homeland Security spokesman said it noticed “malicious activity affecting its information technology (IT) systems and data in April.”

https://thehill.com/policy/cybersecurity/244084-hackers-make-off-with-4-million-federal-employees-data

FAA COMPUTER SYSTEMS HIT BY CYBERATTACK EARLIER THIS YEAR

By Aliya Sternstein

April 6, 2015

Hackers earlier this year attacked a Federal Aviation Administration network with malicious software, agency officials said Monday.

In early February, FAA discovered “a known virus” spread via email on “its administrative computer system,” agency spokeswoman Laura Brown told Nextgov.

“After a thorough review, the FAA did not identify any damage to agency systems,” she added.

An upcoming competition among contractors to help run an FAA cybersecurity center might be altered as a result of the incident, according to an April 2 interim award notice that casually mentioned the attack.

FAA drew up a short-term agreement for incumbent contractor SRA International without reviewing competitors’ services to avoid disrupting operations while preparing a new solicitation, according to the notice.

“Due to a recent cyberattack, the FAA requires additional planning time to determine the impact to the competitive procurement’s requirements,” agency officials said in the notice.

https://www.nextgov.com/cybersecurity/2015/04/faa-computer-systems-hit-cyberattack-earlier-year/109384/?oref=govexec_today_nl