Lost Pentagon Data Could be Valuable to US Enemy
A computer network hack at the Pentagon in June 2007 resulted in the loss of a large amount of sensitive data, continues to threaten the national security, the Chief Information Officer (CIO) of the Defense Department said in the second week of March 2008.
According to CIO at the OSD (Office of the Secretary of Defense), Dennis Clem, the incident still poses a concern for the national security, as reported by TechRepublic on March 7, 2008.
At the time the OSD was engaged in consolidating the resources in a project, it detected malware in several areas of its computer network. Since then, over the next two months, the malware crept into multiple systems leading to an invasion that exploited a flaw in Microsoft Windows.
In the particular attack, e-mails spoofing reputed names were distributed to employees at the OSD. Since the e-mails looked safe, employees viewed them that allowed theft of usernames and passwords. Consequently, sensitive data stored on the Defense systems was viewed, copied and transmitted to undesirable destinations.
To separate the intrusion, Clem blocked a portion of the OSD network, which had affected nearly 1,500 users. Clem had to judiciously shut down that network portion, which takes care of the OSD e-mail system but some of the staff advised Clem to close the entire network.
The day had been very bad, Clem said while discussing at the Information Processing Interagency Conference, as reported by The Register on March 6, 2008. Clem said that it is not known when the stolen data would be used that amounted to an amazing lot. He also said the stolen information included procedures and processes that US enemy would find valuable.
Clem also said that the Pentagon encountered 70,000 unauthorized entries every day from small, harmless attempts to full-size attacks, as reported by FCW on March 6, 2008. Hackers get to know in minutes about the newly deployed software or server at the Pentagon following which they try an attack. This way the hackers had already pilfered huge data from the OSD.
Although Clem did not name the attackers, still a government probe suggested that the security breach occurred from China.
Related article: Lawsuit Filed Against Man Suspected for Selling Pirated Software
» SPAMfighter News - 14-03-2008