Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Government agencies in the U.S. are extremely exposed to cyber attacks

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

June 24, 2015

Click here to order the best deal on a HP enterprise dedicated server and at a great price.

A threat intelligence report into the availability of login credentials for U.S. government agencies has identified no less than forty-seven agencies across eighty-nine unique domains could be easily compromised by hackers and rogue nations.

Published in April of this year, in his book 'Future Crimes', Marc Goodman warns the public and governments around the world to be more vigilent when it comes to internet security, and that attacks from hackers, terrorists and rogue nations is about to get much worse, and that this is just the beginning of things to come.

The findings resulted from an in-depth analysis of open source intelligence (OS-int) from a collection of seventeen 'paste sites' carried out between November 4, 2013 and November 4, 2014.

This report comes after the February 2015 Office of Management and Budget (OMB) report to Congress, which highlighted twelve U.S. government agencies which did not require their most privileged users to log in with any form of two-factor authentication.

All twelve of these agencies, including the Departments of State and Energy, had possibly valid login credentials available on the open web, according to the new report by Recorded Future, a web intelligence company.

The login credentials must be qualified as being only possible, as it would have been illegal for Recorded Future to attempt to authenticate them, CTO Staffan Truvé said, but featured domains paired with either plain text or hashed passwords.

Among the domains discovered to have been affected was one belonging to the Office of Personnel Management (OPM).

Citing the recent data breach at OPM, the report also notes specifically how a huge lack of security measures could leave these agencies "extremely vulnerable to espionage, socially engineered attacks, and tailored spear-phishing attacks against their workforce".

"While some U.S. agencies employ VPNs, two-factor authentication, and other various tokens to provide an additional layer of safety, many agencies still lag behind badly, as cited by the OMB report to Congress," the report added.

It also states that while these login credentials are often changed, "no efforts are made to contact government agencies whose credentials may be posted on a paste site."

Furthermore, while the information may be removed from a paste site, it likely still circulates in private circles and is most likely available to the original attackers.

Due to the lack of context with most publicly announced data exfiltration, it's unclear when specific attacks occurred or if the original attacker had attempted to leverage any stolen data.

Many of the listed government agencies will maintain both classified and unclassified networks, with privileged information stored on the classified networks.

But Recorded Future claims "much can still be gleaned from unclassified systems readily accessible from the open Web, with login portals easily found through simple search engine queries."

The report recommends the following:

  • Enable multi-factor authentication and/or VPNs
  • Require government workers to use stronger passwords and change them often
  • Gauge and define use of government email addresses on third-party sites
  • Maintain awareness of third-party breaches and regularly assess exposure
  • Ensure Robot Exclusion Standard is set for government login pages to prevent listing in the search engines
  • Five years ago, Recorded Future filed to become a vendor for the NSA, as mentioned in a defensive article on The Intercept.

    That article was in direct response to some critical coverage of the global surveillance revelations, following Recorded Future's report into 'How Al-Qaeda Uses Encryption Post-Snowden'.

    The report made specific note of the company's financial backing from the U.S. security services, via In-Q-Tel.

    Source: Recorded Future.

    Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

    Share on Twitter.


    Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
    Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer