It is currently 16-12-2017 12:16

Negligence was the cause of the leak data more than 20 million civil servants in the USA

Negligence was the cause of the leak data more than 20 million civil servants in the USA

by sigismund » 2016-09-08 22:25:33


Since 2005, the management of the HR Department, the U.S. ignored warnings about the vulnerability of computer systems.


The neglect of basic measures of information protection leadership human resources Management service of the United States led to large-scale leak of personal data of more than 20 million American citizens. To such conclusion the house Committee on oversight and government reform (United States House Committee on Oversight and Government Reform), on the basis of the investigation conducted.

We are talking about cyber attacks on computer systems of Management of personnel service of the United States in 2014-2015. As a result of break-ins unknown stole confidential information, including addresses, data, medical records, financial history and fingerprint images 21.5 million former and current civil servants and applicants for public office. Presumably, the attacker used backdoor access with administrative rights to the system management of personnel. In the Commission of cyber attacks suspected hackers sponsored by the Chinese government, but Chinese authorities denied any involvement in the incidents.

According to the report, since 2005 the state inspectors repeatedly warned the leadership of the human resources Management service of the United States about the vulnerability of computer systems Department, but those reports were ignored. In 2012, the team of computer incident response US-CERT alerted the Department about the presence on the server malware Hikit, and after some time was discovered evidence of unauthorized penetration of the system one or more hackers.

In March 2014 the US-CERT reported that unknown managed to steal data about the specifications of the network and the number of files. US-CERT and NSA have launched an operation called Big Bang, during which they watched the actions of the criminals. When hackers downloaded a few keyloggers on computers used by employees with access to critical data, experts have disconnected from the servers. Then the experts were able to suppress the activities of only one attacker, the second has not been revealed. As shown by the analysis, a hacker managed to access the server by using stolen from one of the contractors Management personnel service credential.

According to the report, the first cyber attack was the grouping Axiom Threat Actor Group (the only group using Hikit). The second carried the team Deep Panda. Both groups suspected of links with the Chinese government, so it's possible the hackers coordinated their actions.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5