Slashdot Mirror

← Back to Stories (view on slashdot.org)

DoD Lost 24k Files In Attack On Contractor

Posted by timothy on from the for-your-own-safety dept.

Trailrunner7 writes with this news from ThreatPost: "A targeted attack on a defense contractor in March of this year resulted in the theft of 24,000 files by an unknown attacker, according to Defense Department officials. The attack, which officials say was the work of a foreign government, would represent one of the more serious known attacks on the department and its contractors. In a speech Thursday in which he unveiled the Department of Defense Strategy for Operating in Cyberspace, William J. Lynn, deputy defense secretary, said that the attack was just one of thousands such intrusions that the government and its contractors suffer every year."

7 of 49 comments (clear)

  1. That's a lot of files by liquidweaver · · Score: 2

    I don't know how that did it. My cabinet has probably 150 files at best, and it weighs about 70 lbs. They must have used a really big truck and been awfully quick about it. Sounds like a team that specialized in file organization in the past - a rogue librarian thief ring!

    --
    mov ah, 4ch
    int 21h
  2. They don't "suffer" from attacks. by gavron · · Score: 4, Insightful

    > the attack was just one of thousands such intrusions that the government and its contractors suffer every year

    No, the government and its contractors suffer from incompetence, a lack of encryption, authentication, and data handling procedures. They suffer from violations of their own process. "Here, take this database, decrypt it and email it to our vendor." They suffer from upper management promoted on rank and time served, not competence.

    The intrusions aren't what they suffer... they are a direct consequence of the incompetence our government shows daily.

    How's that debt ceiling coming? I'd like to have mine raised. The mortgage is due tomorrow.

    E

    1. Re:They don't "suffer" from attacks. by sdguero · · Score: 2

      Your post made me feel sad.

  3. Dear LulzSec & Anonymous by TubeSteak · · Score: 3, Insightful

    Dear LulzSec & Anonymous

    Please continue making headlines with your infodumps from .gov, .mil, and contractor websites.
    It's not like you're doing much damage, considering the terabytes being siphoned off by foreign governments.
    Maybe if there's a bright enough spotlight shone onto the problem, the government will finally get around to fixing it.

    Thank You,
    Joe Q. Public

    --
    [Fuck Beta]
    o0t!
    1. Re:Dear LulzSec & Anonymous by todrules · · Score: 2

      They might not fix it, but at least their brother/cousin/nephew or biggest campaign contributor will at least get a fat multi-billion dollar contract to "try" and fix it.

  4. I'm trying to figure out... by Unkyjar · · Score: 4, Insightful

    why are these machines even connected to the net?

    1. Re:I'm trying to figure out... by c++0xFF · · Score: 3, Informative

      They were connected because the information on them is unclassified. Yeah, they might prefer that the files wouldn't be disclosed to attackers, but in the end, the information isn't super secret. The convenience of the internet (easy collaboration with other engineers around the country, being able to use people that don't have a security clearance, or saving on the cost of a separate computer network) outweighs the risk in this case.

      Believe it or not, the most blindingly obvious step in securing classified data (putting it on a separate network that's unconnected to the internet, a concept that I came up with before I was 10 years old and I'm sure I wasn't the youngest) has already been taken. It's a good thing, too ... computer security is hard, and you don't want to take that risk with anything that poses a threat to national security.