Hackers forced State Department to replace 30, 000 employee credentials in 2014

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.washingtonexaminer.com/hackers-forced-state-department-to-replace-30000-employee-credentials-in-2014/article/2560740

Log-in credentials for an estimated 30,000 State Department employees had
to be replaced after unidentified hackers breached the agency's
unclassified communications network last November.

The incident raised questions on the severity of the breach, which State
Department spokesperson Jen Psaki downplayed by pointing to the “thousands
of attacks” that pepper the agency’s systems every day.

“The reason why there’s been a focus, I think, on this particular incident
is because of the extent and how broad it was,” Psaki said at a Feb. 20
media briefing. “And obviously, we took steps to combat that, but it’s
something that we work on every day.”

A State Department official who declined to be named told the Washington
Examiner cybersecurity “best practices” dictated the agency replace 30,000
secure log-in devices known as "fobs" after the network intrusion.

The fobs display a randomly-generated code that changes periodically,
usually every 30 to 60 seconds. A user first authenticates themselves on
the key fob with a personal identification number, followed by the current
code displayed on the device. Employees must plug the fob’s random code
into the network to gain access.

The official said it took several days to change about half of the fobs,
while the other half were updated immediately.

Replacing the devices could have cost the agency millions of dollars and
kept employees from accessing the network remotely for an extended period
of time, NextGov reported.

The State Department is among multiple federal agencies to face
cyberattacks in recent months.

The Pentagon, IRS, Department of Energy and the Environmental Protection
Agency were some of the federal agencies that suffered digital breaches in
2014, according to the Heritage Foundation.

White House and postal service hacks also drew attention to the widespread
issue of cybersecurity last fall.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!