Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

After Dodging the Bullet that Hit OPM, Interior 'Owns' Up to Cyber Problem

From: InfoSec News <alerts () infosecnews org>
Date: Thu, 16 Jul 2015 09:33:26 +0000 (UTC)
http://www.nextgov.com/cybersecurity/2015/07/after-dodging-bullet-hit-opm-interior-owns-cyber-problem/117904/

By Aliya Sternstein
Nextgov.com
July 15, 2015
Sometimes fear is the best motivator. At the Interior Department, this was the case when computer hackers stole millions of federal employee records from an Office of Personnel Management database stored inside one of Interior's data centers. The assailants left Interior's data unscathed.
But point taken, Interior Chief Information Officer Sylvia Burns said Wednesday afternoon.
The incident, part of a historic hack against the U.S. government, prompted the department to expedite a goal of eliminating wimpy passwords as the only safeguard when signing in to agency systems.
The intruders, suspected Chinese spies, used a stolen password from an OPM contractor to copy OPM's database, according to federal officials. From OPM's network, the bad guys then scampered across the entire Interior facility's IT environment, Burns said. All other data, however, was not compromised, she said.
"When I, as a CIO for the department, learned of the intrusion, it was horrifying to me and since that time, my team and I have been on high alert working probably seven days a week, long hours to take our lessons learned and do a mitigation plan around it," Burns said. 

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
Previous By Date Next
Previous By Thread Next

Current thread: