
Thread: ATF Data Breach

  1. #1
    Rebuilt from Salvage TFOGGER's Avatar
    Join Date
    Dec 2008
    Location
    Aurora
    Posts
    7,789


    The problem they face is that it's a purely defensive battle, against a foe that is agile and innovative. A stationary target, no matter how well defended, is doomed. As long as a computer system is not air gapped and is connected to ANY outside network, it is vulnerable. The reason that the US nuclear arsenal is still controlled by computers that use 5.25 inch floppy disks has as much to do with security as it does with budgets and apathy.
    Light a fire for a man, and he'll be warm for a day, light a man on fire, and he'll be warm for the rest of his life...

    Discussion is an exchange of intelligence. Argument is an exchange of
    ignorance. Ever found a liberal that you can have a discussion with?

  2. #2
    Machine Gunner Hound's Avatar
    Join Date
    Jan 2013
    Location
    Aurora
    Posts
    1,764


    Generally I would agree.......but I have personally looked at some of these government sites and know others who have done so more recently. This is the equivalent of not posting sentries at the gate. Ya, a siege against an equal opponent favors the aggressor but that assumes both sides are trying. These guys (the Government in general) are missing the basics. There is no excuse. To be fair, the ATF looks like it is doing better than most. The fact that they have some type of DLP (Data Loss Prevention) is a miracle. The fact that somebody was monitoring and actually caught it is a wonder.

    BTW... With the password for all nuke forces being 0000.................. That is not apathy, that is willful stupidity.

    Quote Originally Posted by TFOGGER View Post
    The problem they face is that it's a purely defensive battle, against a foe that is agile and innovative. A stationary target, no matter how well defended, is doomed. As long as a computer system is not air gapped and is connected to ANY outside network, it is vulnerable. The reason that the US nuclear arsenal is still controlled by computers that use 5.25 inch floppy disks has as much to do with security as it does with budgets and apathy.
    Last edited by Hound; 06-30-2015 at 12:54.
    My life working is only preparation for my life as a hermit.

    Feedback https://www.ar-15.co/threads/99005-Hound

  3. #3
    Moderator "Doctor" Grey TheGrey's Avatar
    Join Date
    Jan 2013
    Location
    Lone Tree
    Posts
    5,750


    Quote Originally Posted by Hound View Post
    Generally I would agree.......but I have personally looked at some of these government sites and know others who have done so more recently. This is the equivalent of not posting sentries at the gate. Ya, a siege against an equal opponent favors the aggressor but that assumes both sides are trying. These guys (the Government in general) are missing the basics. There is no excuse. To be fair, the ATF looks like it is doing better than most. The fact that they have some type of DLP (Data Loss Prevention) is a miracle. The fact that somebody was monitoring and actually caught it is a wonder.

    BTW... With the password for all nuke forces being 0000.................. That is not apathy, that is willful stupidity.
    Tsk. They changed it up after the last .gov data breach. Now it's ABCD1234.
    "There is nothing in the world so permanent as a temporary emergency." - Robert A Heinlein The Moon is a Harsh Mistress

    Feedback for TheGrey

  4. #4
    Escaped From New York zteknik's Avatar
    Join Date
    Nov 2010
    Location
    Colorado Springs
    Posts
    6,269


    Quote Originally Posted by TheGrey View Post
    Tsk. They changed it up after the last .gov data breach. Now it's ABCD1234.
    FHUGETABOUDIT!!!

  5. #5
    Gong Shooter Rumline's Avatar
    Join Date
    Nov 2013
    Location
    Colorado Springs
    Posts
    430


    Quote Originally Posted by TFOGGER View Post
    As long as a computer system is not air gapped and is connected to ANY outside network, it is vulnerable.
    Air gaps are about as good as we can do, but you should see the (publicly published) proof of concept methods for remotely compromising air-gapped systems.

  6. #6
    Rebuilt from Salvage TFOGGER's Avatar
    Join Date
    Dec 2008
    Location
    Aurora
    Posts
    7,789


    Quote Originally Posted by Rumline View Post
    Air gaps are about as good as we can do, but you should see the (publicly published) proof of concept methods for remotely compromising air-gapped systems.
    I'm familiar with the concept of Van Eck phreaking, and that's a proven technique. Air gapped in a Faraday cage might be considered secure, but there's probably a way around that too. In a high security network, the biggest weakness is usually the wetware, not the hardware or software. People are stupid.

  7. #7
    Machine Gunner Hound's Avatar
    Join Date
    Jan 2013
    Location
    Aurora
    Posts
    1,764


    There is no patch for human stupidity...... No arguments there. My concern is that the "stuff" in the background (read networks) is so rarely secure. I keep seeing telnet and port 80 on supposedly new networks and when I ask why..... "The internal network is secure! The firewalls will protect us". WTH are we still thinking 1990's security still works now? I keep seeing encryption being "future tech", too difficult or certificates with 40 bits of entropy....... Really?.... Just really? This is what IT (be it Gov or Enterprise) fights. And we all think they know what they are doing....... till the next breach happens. The problem is these are the new battlefields. And we (the US) don't seem to realize it or even know for REAL how this will end. The next Pearl Harbor will not be on some far off island in the Pacific. It will be in the Nest thermostat that is networked across a whole region and an easy backdoor to all of our information. That information, when control is lost, will bring us all down in ways Hollywood can only dream of. Tinfoil at the ready, the only thing saving us right now is that the wrong person has not been at the wrong place at the wrong time with the will to bring it all crashing down. TEMPEST controls are not the concern.... That is too surgical and labor intensive. Air gaps don't let business do business. IT needs to own security, they already own the keys to the kingdom. They need oversight by a security team, not to catch them like a cop (that only leads to working around being caught, not real security), but to inform upper management if IT is doing its jobs. The fundamental organization is wrong, the accountability and responsibility is wrong, the decision making actually happens at the admin level instead of management level (it's like the Star Trek Pakleds saying "You're smart.... You make 'GO'") and finally we need to take this seriously.
    Between OPM-like breaches from the government losing our PII and places like Home Depot losing our financial data there is only so much the "trust" system that is at the core of all networks can take before it all falls.

    Quote Originally Posted by TFOGGER View Post
    I'm familiar with the concept of Van Eck phreaking, and that's a proven technique. Air gapped in a Faraday cage might be considered secure, but there's probably a way around that too. In a high security network, the biggest weakness is usually the wetware, not the hardware or software. People are stupid.
