As businesses and government facilities using wireless networks struggle to keep their confidential data in and hackers out, it seems that WEP (Wired Equivalent Privacy) and even WPA (Wi-Fi Protected Access) is already obsolete.
The US Department of Homeland Security admitted in a congressional panel disclosed this week that hundreds of attacks on the lead US cybersecurity
agency caused serious problems on its computer system.
To be precise, in fiscal 2005 and 2006, a number of 844 of so-called "incidents" were recorded and some of them resulted in infection with viruses or other malicious applications of various DHS agencies including Immigration Customs Enforcement (ICE) and the Federal Emergency Management Agency (FEMA).
"It was a shock and a disappointment to learn that the Department of Homeland Security -- the agency charged with being the lead in our national cybersecurity -- has suffered so many significant security problems on its networks," Representative James Langevin told the hearing of the Committee on Homeland Security.
The hackers gained access to DHS computers, changed the configuration of firewalls, compromised one of the agency's websites, infected the computers with Trojans and viruses and were able to download classified data.
"What does this mean? It means terrorists or nation states could be hacking Department of Homeland Security databases, changing or altering names to allow them access to this country, and we wouldn't even know they were doing it," said Langevin.
The chief information officer of the agency said that "Certainly, we need to increase our vigilance to ensure that such incidents do not happen again." Really?
Probably the most representative response to the report was that of Congressman Bennie Thompson, who raised some very interesting questions.
"How can the Department of Homeland Security be a real advocate for sound cybersecurity practices without following some of its own advice? How can we expect improvements in private infrastructure cyberdefense when DHS bureaucrats aren't fixing their own configurations?"
Find us on Google+
No user comments yet.
Be the first to express your opinion!
