A hacker that goes by the handle @DotGovs on Twitter has exposed the personal information of almost 10,000 Department of Homeland Security employees and put it on the Internet. He vows that the FBI is next. Security experts from Tripwire and Huntsman Security have the following comments on it.
[su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire :
“It’s no surprise that Homeland Security has a target on its back. It’s a much maligned department with security as its objective. A successful attack on DHS gets headlines.
We should be cautious about the headlines until there’s verified information available. Reports on major cyber attacks rarely get the details right on the first go around.
Federal Government, especially high profile departments, have to account for their own visibility when modeling the threat of cyber attacks. They can’t follow best practice for security. Best practice isn’t good enough when you’re at the top tier of targets.”[/su_note]
[su_note note_color=”#ffffcc” text_color=”#00000″]Piers Wilson, Head of Product Management, Huntsman Security:
“As long as people keep falling for these tricks, cybercriminals will continue using social-engineering tactics to infiltrate victims’ systems. Any organisation can fall victim if the attack is reasonably sophisticated, or targets the right person at the right time – or exploits a flawed process, as appears to be the case here. The value of data compromised in this story appears to be low; but that isn’t always the case. These attacks are not just a challenge faced by high-profile government departments; an attacker will target any entity that they can benefit from – whether for publicity around a cause or to use the data for criminal means.
“Since there is no way to predict and prevent all human behaviour, monitoring system and user behaviour is by far the most effective approach to detecting these types of attack or the data thefts that result. Organisations that can identify any potentially suspicious activity can detect indicators that an employee has fallen victim and/or that someone has gained remote access to their systems quickly, and that gives them an opportunity to respond.”[/su_note]