Government Hack Attacks Show Need for Intel Awareness

Sunday, May 15, 2011

Kelly Colgan

F29746c6cb299c1755e4087e6126a816

Article by Ondrej Krehel

The computer security press reported a while back a hacker assault to the French Ministry of Economy, Finances and Industry.

The method of attack wasn’t exactly novel—spear phishing of government employees opened the backdoor.

It was, however, the largest such hacking attack against France.

imageThe Australian government also was invaded recently, with the attacks originating in China.

U.S. intelligence alerted the Aussies to the breach; it was not picked up by an internal detection process.

This is no surprise: More than 50 percent of the organizations in the 2011 Verizon Data Breach Investigations Report were alerted to the breach by a third party.

Soon after the Australian breach was made public, the country’s National Audit Office criticized the Department of Prime Minister and Cabinet for allowing access to webmail services such as Gmail and Hotmail from government computers.

Just like the breach in France, the employees were victims of spear phishing on personal accounts.

So why is spear phishing so successful?

Governments, like many big businesses, have robust security programs, a layered cyberdefense plan, many technical elements of detection and protection, security audits, penetration testing and vulnerability assessments—all of which is regularly tested and implemented.

The incidents in France and Australia can be traced back to “information awareness” and the human factor in a form of social engineering.

And that’s exactly what spear phishers target: They con employees to download, install or simply click on malicious content.

So for all that big government data security, we have to ask, where is the cyberthreat training for employees?

What about information awareness training for security professionals?

It’s nice to have all the tech tools at hand to prevent a breach, but they don’t amount to much if no one knows how to extract intelligence from them.

Ondrej Krehel, Chief Information Security Officer, Identity Theft 911: Ondrej has more than a decade of network and computer security experience. His expertise extends to investigations of intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. He led U.S. computer security projects at Stroz Friedberg and worked in IT security at Loews Corp.

Possibly Related Articles:
5336
breaches Government Network Security Third Party hackers Cyber Defense
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.