[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Hacker Breached NOAA Satellite Data from Contractor's PC
From: InfoSec News <alerts () infosecnews ! org>
Date: 2014-07-29 9:18:02
Message-ID: alpine.DEB.2.02.1407290917490.28616 () infosecnews ! org
[Download RAW message or body]
http://www.nextgov.com/cybersecurity/2014/07/hacker-breached-noaa-satellite-data-contractors-pc/89771/
By Aliya Sternstein
Nextgov.com
July 28, 2014
National Oceanic and Atmospheric Administration satellite data was stolen
from a contractor's personal computer last year, but the agency could not
investigate the incident because the employee refused to turn over the PC,
according to a new inspector general report.
This is but one of the "significant security deficiencies" that pose a
threat to NOAA's critical missions, the report states.
Other weaknesses include unauthorized smartphone use on key systems and
thousands of software vulnerabilities.
The July 15 report made public on Friday concentrates on
information-technology security problems at NOAA's National Environmental
Satellite, Data, and Information Service. NOAA is part of the Commerce
Department.
During the 2013 incident, "an attacker exfiltrated data from a NESDIS
system to a suspicious external IP address via the remote connection
established with a personal computer," wrote Allen Crawley, Commerce's
assistant IG for systems acquisition and IT security, referring to a dodgy
computer address.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic