July 12, 2006

State Department Hacked, Turns off SSL in Response

sw-0054Interesting:

The State Department is recovering from large-scale computer break-ins worldwide over the past several weeks that appeared to target its headquarters and offices dealing with China and
North Korea, The Associated Press has learned.

Investigators believe hackers stole sensitive U.S. information and passwords and implanted backdoors in unclassified government computers to allow them to return at will, said U.S. officials familiar with the hacking.

Their response is even more interesting:

State Department’s emergency response severely limited Internet access at many locations… The department also temporarily disabled a technology known as secure sockets layer, used to transmit encrypted information over the Internet. Hackers can exploit weaknesses in this technology to break into computers, and they can use the same technology to transmit stolen information covertly off a victim’s network.

Yet again again demonstrates that cypto can be used for you or against you.

Agency recovers from computer break-ins [Yahoo/AP]

Share It: del.icio.us:State Department Hacked, Turns off SSL in Response digg:State Department Hacked, Turns off SSL in Response reddit:State Department Hacked, Turns off SSL in Response Y!:State Department Hacked, Turns off SSL in Response
Read More: Threats, Crypto, Investigations, Government
Related: Hacktivism at Work, Joe Lieberman’s Site Attacked
 Insider Threat: Security Professionals
 Less than 1% of Data Records Breached Result in Identity Theft
 When Good VoIP Goes Bad

Post a Comment...

(required)

(required)
(will not be published)

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>