[SecurityRatty] tag: gov

New DHS Head Understands Security

Wed, 26 Nov 2008 09:43:33 +0000

Gov. Janet Napolitano, D-Ariz., is smashing the idea of a border wall, stating it would be too expensive, take too long to construct, and be ineffective once completed.
"You show me a 50-foot wall and I'll show you a 51-foot ladder at the border. That's the way the border works," Napolitano told the Associated Press.

Instead of a wall, she said funds would be better utilized on beefing up Border Patrol manpower, technology sensors and unmanned aerial vehicles.

I am cautiously optimistic.

Group: Gov't should provide cybersecurity incentives

Tue, 18 Nov 2008 21:00:00 +0000

President-elect Barack Obama needs to take a new approach to cybersecurity, with government providing incentives for private businesses to adopt security measures, a cybersecurity group said.

Palin Hacker Denies Felony Charge and 'Hacker' Label

Thu, 13 Nov 2008 19:15:00 +0000

David Kernell, the Tennessee student accused of breaching Alaska Gov. Sarah Palin's e-mail account, is seeking to have a felony charge against him thrown out. He also wants a federal court to bar prosecutors from referring to him as a "hacker."

Nigerian gov't rated low on curbing cybercrime

Sun, 09 Nov 2008 21:00:00 +0000

The nonprofit Nigeria Internet Group (NIG) has given a low rating to the country's current leadership under President Umaru Musa Yar'Adua on its efforts to curb cybercrime.

A security lesson from the Joe the Plumber snooper

Sat, 25 Oct 2008 16:22:44 +0000

First we had the Gov. Palin Yahoo email break in to teach us the vulnerabilities of weak password reset schemes. Now we have a Joe the Plumber government records snooper teaching us about proper computer account management.

The Columbia Dispatch is reporting that a state employee with access to a “test account” has been accessing Joe the Plumber’s government records:

“We’re trying to pinpoint where it came from,” she said. The investigation could become “criminal in nature,” she said. Brindisi would not identify the account that pulled the information on Oct. 16.

Records show it was a “test account” assigned to the information technology section of the attorney general’s office, said Department of Public Safety spokesman Thomas Hunter.

Brindisi later said investigators have confirmed that Wurzelbacher’s information was not accessed within the attorney general’s office. She declined to provide details. The office’s test accounts are shared with and used by other law enforcement-related agencies, she said.

Security best practices require that test accounts be removed before a system is put into production and loaded with real data. Otherwise there is no accountability to any one individual. Shared accounts such as test accounts are frequently abused so that the snooper can get away undetected. The investigation should look at what other data has been snooped on using this test account. Perhaps this has been going on for a long time and no one noticed.

It is still likely that the perpetrator can be tracked down if he or she accessed the data from an internal system and the records application logged the IP address that connected to it. Even if the IP address doesn’t connect back to an individual’s computer and to a shared machine, the search will have been narrowed down greatly.

US gov't increasing efforts to fight ID theft, report says

Mon, 20 Oct 2008 20:00:00 +0000

The U.S. government has taken several steps to combat identity theft during the past two years, including increased prosecutions of criminals and decreased use of Social Security numbers to identify constituents, according to a report released Tuesday.

Personal Data Of Thousands Posted On Indygov.gov Website, Undiscovered For More Than A Week

Fri, 17 Oct 2008 18:32:04 +0000

Personal information of about 3,300 people charged with minor drug and alcohol offenses was accidentally posted on the city of Indianapolis’ new Web site for 11 days in late September and early this month, according to official release in Wednesday. The file contained names, dates of birth and Social Security numbers of 3,300 people charged with [...]

DDoS Attack Graphs from Russia vs Georgia's Cyberattacks

Wed, 15 Oct 2008 11:01:58 +0000

Part of Georgia's information warfare campaign aiming to minimize the bandwidth impact on its de-facto media platforms such as the web site of their Ministry of Foreign Affairs, I've just received a report part of Georgia's "Russian Invasion of Georgia" series entitled "Russian Cyberwar on Georgia", which is quoting me on page 4 in regard to the "too good to be courtesy of Russia's cyber militia" creative that appeared on the defaced Georgian President's web site. The report also includes DDoS attack graphs and related details worth going through :

"The last large cyberattack took place on 27 August. After that, there have been no serious attacks on Georgian cyberspace. By that is meant that minor attacks are still continuing but these are indistinguishable from regular traffic and can certainly be attributed to regular civilians. On 27 August, at approximately 16:18 (GMT +3) a DDoS attack against the Georgian websites was launched. The main target was the Georgian Ministry of Foreign Affairs. The attacks peaked at approx 0,5 million network packets per second, and up to 200–250 Mbits per second in bandwidth (see attached graphs). The graphs represent a 5-minute average: actual peaks were higher.

The attacks mainly consisted of HTTP queries to the http://mfa.gov.ge website. These were requests for the main page script with randomly generated parameters. These requests were generated to overload the web server in a way where every single request would need significant CPU time. The initial wave of the attack disrupted services for some Georgian websites. The services became slow and unresponsive. This was due to the load on the servers by these requests. As you see from the graphs above the attacks started to wind down after most of the attackers were successfully blocked. The latest attack may have been initiated as a response to the media coverage on the Russian cyber attacks."

In case you're interested in more factual evidence about what was happening at the particular moment in time, go through the following assessment - "Coordinated Russia vs Georgia cyber attack in progress", as well as through the following posts - "The Russia vs Georgia Cyber Attack"; "Who's Behind the Georgia Cyber Attacks?"; "Georgia President’s web site under DDoS attack from Russian hackers".

U.S. gov't proposes digital signing of DNS root zone file

Thu, 09 Oct 2008 20:00:00 +0000

The U.S. government is soliciting input on a way to make the Internet's addressing system less susceptible to tampering by hackers.

Palin Hacker Allegedly Involved in Another Computer Intrusion

Thu, 09 Oct 2008 00:28:00 +0000

A 20-year-old Tennessee student who was indicted this week for gaining unauthorized access to Alaska Gov. Sarah Palin's Yahoo account, was involved in another computer intrusion years ago while in high school, a former teacher says. David Kernell and a fellow classmate guessed the password to a system storing lesson plans and got detention for it, the teacher says.