ATF Data Breach

**Hound** · 06-30-2015, 09:27

For right now it looks like only employees are affected but if they will do it to their own it does not give much reassurance for any of our information.

http://www.scmagazine.com/official-a...NTYyMTU3Nzg5S0

An executive at the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) headquarters is under investigation by the Department of Justice (DOJ) for allegedly improperly accessing and downloading ATF employee data. Scott Sweetow, deputy assistant director for strategic intelligence and information, was accused of sending employees' personal information to his personal account from his work email.
While the ATF doesn't discuss ongoing investigations, DOJ spokesperson Patrick Rodenbush told CNN in a statement, his department “has security solutions in place that detect the transmission of sensitive personally identifiable information outside the Department's computer network.” If a problem is detected, the agency at which the incident occurred is contacted for additional investigation and to take appropriate action.
Sweetow told the news outlet, “It appears somebody is actively seeking to damage my reputation.” The number of people affec

**nogaroheli** · 06-30-2015, 11:23

This is my shocked face. This is turning into such a joke with .gov security.

**TFOGGER** · 06-30-2015, 11:29

The problem they face is that it's a purely defensive battle, against a foe that is agile and innovative. A stationary target, no matter how well defended, is doomed. As long as a computer system is not air gapped and is connected to ANY outside network, it is vulnerable. The reason that the US nuclear arsenal is still controlled by computers that use 5.25 inch floppy disks has as much to do with security as it does with budgets and apathy.

**Hound** · 06-30-2015, 12:53

Generally I would agree.......but I have personnally looked at some of these government sites and know others who have done so more recently. This is the equivalent of not posting sentries at the gate. Ya, a siege against an equal opponent favors the agressor but that assumes both sides are trying. These guys (the Government in general) are missing the basics. There is no excuse. To be fair, the ATF looks like it is doing better than most. The fact that they have some type of DLP (Data Loss Prevention) is a miracle. The fact that somebody was monitoring and actually caught it is a wonder.

BTW... With the password for all nuke forces being 0000.................. That is not apathy, that is willful stupidity.

Originally Posted by TFOGGER

The problem they face is that it's a purely defensive battle, against a foe that is agile and innovative. A stationary target, no matter how well defended, is doomed. As long as a computer system is not air gapped and is connected to ANY outside network, it is vulnerable. The reason that the US nuclear arsenal is still controlled by computers that use 5.25 inch floppy disks has as much to do with security as it does with budgets and apathy.

**Aloha_Shooter** · 06-30-2015, 14:35

Two possibilities:
1) This was a case of a bad egg who got caught doing something that is clearly wrong and has nothing to do with an agile, innovative foe.
2) Someone cracked the guy's home system then used that to penetrate ATF to get personnel records. If that's the case, as foxtrot said, the foe doesn't need to be particularly innovative or agile given the government's love affair with and dependence on Microsoft software. Unlike the OPM breach, I'm not sure what a bad guy hopes to get from ATF personnel records so I'm a bit skeptical of Mr. Sweetow's "explanation."

**izzy** · 06-30-2015, 15:39

Am I wrong to so straight to "hope this doesn't slow down the turn around on my applications"?

**TheGrey** · 06-30-2015, 15:42

Originally Posted by Hound

Generally I would agree.......but I have personnally looked at some of these government sites and know others who have done so more recently. This is the equivalent of not posting sentries at the gate. Ya, a siege against an equal opponent favors the agressor but that assumes both sides are trying. These guys (the Government in general) are missing the basics. There is no excuse. To be fair, the ATF looks like it is doing better than most. The fact that they have some type of DLP (Data Loss Prevention) is a miracle. The fact that somebody was monitoring and actually caught it is a wonder.

BTW... With the password for all nuke forces being 0000.................. That is not apathy, that is willful stupidity.

Tsk. They changed it up after the last .gov data breach. Now it's ABCD1234.

**brutal** · 06-30-2015, 18:04

There are two kinds of companies (incl gov). Those that have had a data breach, and those that haven't discovered it yet.

Several studies vary slightly, but the average time an infiltrator spends inside your systems weaving their web of connections before being discovered is around 280 days. Data mined will then be used slowly over time or the lists sold outright to the highest bidder on the black market.

**Rumline** · 06-30-2015, 18:34

Originally Posted by TFOGGER

As long as a computer system is not air gapped and is connected to ANY outside network, it is vulnerable.

Air gaps are about as good as we can do, but you should see the (publicly published) proof of concept methods for remotely compromising air-gapped systems.

**zteknik** · 06-30-2015, 19:18

Originally Posted by TheGrey

Tsk. They changed it up after the last .gov data breach. Now it's ABCD1234.

Colorado AR-15 Shooters Club Discussion Forums

Thread: ATF Data Breach

Thread Tools

Display

ATF Data Breach

Posting Permissions

Partners

Partners

About Us

Established - 2002