http://www.csoonline.com/article/743404/security-breaches-at-federal-agencies-fuel-speculation-on-break-in-tactics
By Antone Gonsalves
CSO Online
November 18, 2013
The sketchy details in an FBI warning that hacktivists breached computer
systems of multiple government agencies and stole sensitive information
have fueled speculation on how the compromises occurred.
In a memo obtained by Reuters, the Federal Bureau of Investigation said
the breaches linked to the hacktivist collective Anonymous were part of a
campaign that started nearly a year ago. The attacks have affected the
U.S. Army, Department of Energy (DOE), Department of Health and Human
Services (DHHS) and possibly many more agencies.
Stolen data included the personal information of 104,000 employees,
contractors, family members and others associated with the DOE, Reuters
reported on Friday. The theft included information on almost 2,000 bank
accounts.
Because best practices would dictate never storing such information on web
servers, the breaches likely occurred at internal servers first, probably
through a spear-phishing campaign that lured government employees to
malicious websites, said Anup Ghosh, founder and chief executive of
Invincea, which provides technology for defending against cyberattacks.
[...]
--
Dean Bushmiller teaches a great 5-Day CISM in Albany NY Dec. 2 6.
Call 327-937-9786 for details.
