Slashdot Mirror


Dept. of Energy Compromised 159 Times Over Four-Year Period

An anonymous reader writes: USA TODAY obtained records through a Freedom of Information Act request indicating that the U.S. Department of Energy was targeted by over a thousand cyberattacks between October 2010 and October 2014. 159 of the attacks were successful in compromising some level of security. "Energy Department officials would not say whether any sensitive data related to the operation and security of the nation's power grid or nuclear weapons stockpile was accessed or stolen in any of the attacks, or whether foreign governments are believed to have been involved. ... The National Nuclear Security Administration, a semi-autonomous agency within the Energy Department responsible for managing and securing the nation's nuclear weapons stockpile, experienced 19 successful attacks during the four-year period, records show. ... Records show 53 of the 159 successful intrusions from October 2010 to October 2014 were 'root compromises,' meaning perpetrators gained administrative privileges to Energy Department computer systems."


  1. Re:Really? by iggymanz · · Score: 2

    oh my sides hurt!

    usually UTM from big network iron vendor == very poorly maintained Linux system with more holes than a fishnet

  2. Re:The Obama administration by HiThere · · Score: 3, Funny

    Well, Obama promised that his administration would be more open. He just didn't mention that this would be due to non-US governmental agents. (OK, Snowden used to be a government agent, but he hasn't been since he started making Obama's promise true.)

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  3. Ran by the same government? by Opportunist · · Score: 2

    Is that run by the same government that wants to collect all our private data for security reasons?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  4. Wooo Over a 1000! by TechyImmigrant · · Score: 3, Interesting

    I log in as root to the server of my HOA:

    Last failed login: Sat Sep 12 11:52:54 PDT 2015 from 43.229.53.41 on ssh:notty
    There were 59462 failed login attempts since the last successful login.

    So over 59000 attempts since last week, on a server with nothing of interest to anyone.

    --
    I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    1. Re:Wooo Over a 1000! by TechyImmigrant · · Score: 2

      I am a cryptography goon for a big company. I suspect it's more than just normal probe attempts and someone thinks there's more in my servers than there really is.
       

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  5. Dept. of Energy compromised by cyber attackers .. by nickweller · · Score: 2

    "Incident reports .. shows a near-consistent barrage of attempts to breach the security of critical information systems that contain sensitive data about the nation's power grid, nuclear weapons stockpile and energy labs."

    Have you considered not connecting your critical infrastructure directly to the Internet? The fact that the 'Cyber attackers' can even see your computers shows extreme complacency by whoever is in charge of your 'computers'.

  6. Re:The Obama administration by Tablizer · · Score: 3, Insightful

    Like the private sector has had a good record on this?

  7. Light on details by toejam13 · · Score: 2

    The problem with the article is that it is very light on details. How is an attack defined? Does it include a simple port scan or does it require something more targeted and defined? Of systems that were compromised, how many of them were non-sensitive public web servers in a DMZ/TZ and how many of them were internal servers containing sensitive data?

    Using the weakest metrics, my employer's external facing network is attacked thousands of times a day. It isn't a matter of if we're being hit by a traffic flood at any given time, but by how many clients and at what rate.

    Would be nice if they actually tallied the incidents by severity and general attack type.