Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Hacker Breached NOAA Satellite Data from Contractor's PC

From: InfoSec News <alerts () infosecnews org>
Date: Tue, 29 Jul 2014 09:18:02 +0000 (UTC)
http://www.nextgov.com/cybersecurity/2014/07/hacker-breached-noaa-satellite-data-contractors-pc/89771/

By Aliya Sternstein
Nextgov.com
July 28, 2014
National Oceanic and Atmospheric Administration satellite data was stolen from a contractor's personal computer last year, but the agency could not investigate the incident because the employee refused to turn over the PC, according to a new inspector general report.
This is but one of the “significant security deficiencies” that pose a threat to NOAA’s critical missions, the report states.
Other weaknesses include unauthorized smartphone use on key systems and thousands of software vulnerabilities.
The July 15 report made public on Friday concentrates on information-technology security problems at NOAA's National Environmental Satellite, Data, and Information Service. NOAA is part of the Commerce Department.
During the 2013 incident, "an attacker exfiltrated data from a NESDIS system to a suspicious external IP address via the remote connection established with a personal computer," wrote Allen Crawley, Commerce's assistant IG for systems acquisition and IT security, referring to a dodgy computer address. 

[...]


--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
Previous By Date Next
Previous By Thread Next

Current thread: