List: isn
Subject: [ISN] Secret DHS Audit Could Prove Governmentwide Hacker Surveillance Isn't Really Governmentwide
From: InfoSec News <alerts () infosecnews ! org>
Date: 2015-11-30 11:01:38
Message-ID: alpine.DEB.2.02.1511301101260.794 () infosecnews ! org

http://www.nextgov.com/cybersecurity/2015/11/secret-dhs-audit-could-prove-governmentwide-network-surveillance-isnt-really-governmentwide/124018/

By Aliya Sternstein
Nextgov.com
November 25, 2015

A secret federal audit substantiates a Senate committee's concerns about
underuse of a governmentwide cyberthreat surveillance tool, the panel's
chairman says.

The intrusion-prevention system, named EINSTEIN 3 Accelerated, garnered
both ridicule and praise following a hack of 21.5 million records on
national security employees and their relatives. The scanning tool failed
to block the attack, on an Office of Personnel network, because it can
only detect malicious activity that people have seen before.

At OPM, the attackers, believed to be well-resourced Chinese cyber
sleuths, used malware that security researchers and U.S. spies had never
witnessed.

Still, EINSTEIN came in handy, according to U.S. officials, after the OPM
malware was identified through other monitoring tools. The Department of
Homeland Security loaded EINSTEIN with the "indicators" of the attack
pattern so it could scan for matching footprints on other government
networks.

[...]