US Department of Energy Hacked; Employee Data Lost

US Department of Energy Hacked; Employee Data Lost

www.infopackets.com

The United States Department of Energy has been attacked by hackers. The unknown assailants reportedly gained access to employee personal information.

News agency Reuters recently acquired a letter between the US Department of Energy (DOE) and its employees. In that letter, the DOE admits that the attack "resulted in the unauthorized disclosure of employee and contractor Personally Identifiable Information."

(visit the link for the full news article)


Related News Links:
www.dailytech.com

Apparently, many government institutions are revealing the precariously poor security they have in place....

But in this case, I note an interesting comment regarding the DOE and a 2006 breach I hadn't heard of before...

Reports suggest that the attack occurred during the middle of January 2013. However, it remains unknown who was behind the attack or what motivated the security breach.

It's also not clear if the attack targeted a specific sub-agency within the DOE, such as the Energy Information Administration (which publishes data related to the oil, gas, and electricity markets).

Needless to say... This could be more posturing by the media to engender consent and support the government's agenda of controlling the internet, and by extension, those who use it.

Here's the interesting tidbit...

The attack is sure to provoke new claims that the Department of Energy suffers from weak cyber security.

These criticisms have been made before, and specifically after USB memory drives containing sensitive DOE documents were discovered in an illegal methamphetamine lab in 2006. Why the drug producers had these documents in their possession remains unclear.

Bolding emphasis is mine

Now the DOE political appointee is resigning (unexpectedly) and the breach, while 'run-of-the-mill' by comparison to others has occurred... are they related?

www.infopackets.com
(visit the link for the full news article)

Hopefully it leads to who's pockets all that money obtained by lobbyists is going. Well, I know where it's going. I just don't know names and amounts. Which relative of Congress is getting those cushy high paying jobs because of the billions they lobbied for.

This wouldn't be a problem if we were using paper like we did years ago. Seems like computers and business don't mix well if they are hooked to the net. They replace workers, taxpayers, with very expensive software that needs upgrading every few years. The little savings they have makes it so there are less customers and taxpayers. The computer companies are getting richer and the businesses and government poorer and their whole systems are at risk of being hacked. We need to smarten up and take these things offline and start snailmail and local buying again to make sure everyone is working.

I think these hackers should do the nations people a favor and do something very meaningful, like wiping out all student loan information / debts.

Now Im not sure how exactly that information is stored or if its possible to do... but Id like to see something more than employee personal data being hacked.

reply to post by Maxmars


Here is a link to newspapers being hacked. I am just wondering if the same people are responsible for this U.S. Dept. of Energy hack; as well as other recent hacks.

Link: blog.heritage.org...

Originally posted by CaticusMaximus
I think these hackers should do the nations people a favor and do something very meaningful, like wiping out all student loan information / debts.

Now Im not sure how exactly that information is stored or if its possible to do... but Id like to see something more than employee personal data being hacked.

That type of information is probably guarded by the most hackyest of hackers working for the man, ergo, student loan debt will ALWAYS exist!

reply to post by CaticusMaximus


Off topic--- No offense, but your "hack in and delete my loan balance" mentality is what's killing our great Country. Working hard and paying off your loans(student loans or not) is much more rewarding than having it just deleted.

Plenty can go wrong with a hacking at the DOE when you consider the scope of the DOE's work and its roots in the Manhattan project leading up to the NRC...

Then consider the list of critical National Laboratories that fall under DOE and all I can say is OOOF! We certainly only know the half of what this hack involved...

Livermore
Los Alamos
Fermi
Oak Ridge
y 12 security complex adjacent to Oak Ridge.....

Yikes!! Not good and one would assume the tightest of security tolerances within the DOE.... Apparently nothing is safe any more...

Originally posted by rickymouse
This wouldn't be a problem if we were using paper like we did years ago. Seems like computers and business don't mix well if they are hooked to the net. They replace workers, taxpayers, with very expensive software that needs upgrading every few years. The little savings they have makes it so there are less customers and taxpayers. The computer companies are getting richer and the businesses and government poorer and their whole systems are at risk of being hacked. We need to smarten up and take these things offline and start snailmail and local buying again to make sure everyone is working.

You make a good point..
In the old days, they would have to make a physical breach of a facility then another breach of a vault or locked storage to access the PAPER. Much more involved and thus less likely back then. More reliance on insiders... Now everything is up for grabs. Makes me feel dirty....

I want paper again!!

Originally posted by jibeho
....

Yikes!! Not good and one would assume the tightest of security tolerances within the DOE.... Apparently nothing is safe any more...

I think the biggest issue is that it was never safe. The idea of strong and impenetrable security is as much marketing as it is reality. Especially since most of the agencies rely on 'commercial' enterprises specializing in 'security'.... yet they all remain somehow free from consequences when the inevitable breaches are revealed.

I find it most interesting that they still don't know the nature or extent of the problem yet....

... [the DOE] also promised to "implement a full remediation plan" once "the full nature and extent of this incident is known."

Anyone remember this from back in September...

WASHINGTON, Sept 29 (Reuters) - The U.S. government's "Fort Knox" of weapons-grade uranium storage has ended a contract with a unit of an international security firm two months after an 82-year-old nun and other nuclear activists broke into the site.

This was supposed to have been a "wake up call" according to our energy secretary. Now look at what has happened...

The nun, Megan Rice, and two others cut perimeter fences to reach the outer wall of a building where enriched uranium was stored. The site was shut temporarily after the breach.

An investigation by the Energy Department's inspector general last month found a security camera had been broken for about six months and was part of a backlog of repairs needed for security at the facility.

The NNSA repeated on Saturday that Energy Secretary Steven Chu has said the incident was an important "wake-up call" for the entire nuclear complex.

"The security of our nation's nuclear material is the Department's most important responsibility, and we have no tolerance for federal or contractor personnel who cannot or will not do their jobs," said NNSA spokesman Joshua McConaha.

www.huffingtonpost.com...

Really makes you wonder...

The part that upsets me is that fact that the taxpayer most likely has paid very large sums to employees and contractors for security on these systems. The Kevin M. episode showed that there was very little in proper security in use. Since then I would bet huge dollars have been spent.

Originally posted by jibeho

Originally posted by rickymouse
This wouldn't be a problem if we were using paper like we did years ago. Seems like computers and business don't mix well if they are hooked to the net. They replace workers, taxpayers, with very expensive software that needs upgrading every few years. The little savings they have makes it so there are less customers and taxpayers. The computer companies are getting richer and the businesses and government poorer and their whole systems are at risk of being hacked. We need to smarten up and take these things offline and start snailmail and local buying again to make sure everyone is working.

You make a good point..
In the old days, they would have to make a physical breach of a facility then another breach of a vault or locked storage to access the PAPER. Much more involved and thus less likely back then. More reliance on insiders... Now everything is up for grabs. Makes me feel dirty....

I want paper again!!

Because of the way it is, every small agency has to back everything up multiple times with paper to protect themselves so actually a lot of paper isn't saved anyway. Someone up at the top can readjust the figures instantly to shove the blame on those below with this electronic system. Backing everything up on paper is crucial.

reply to post by KawRider9


Not sure what era and/or timeline your living in/on, but here in 2013 on this timeline, jobs are almost nowhere to be found, and when they are found, 99% pay #. Students are sold on going 100k+ into debt on the promise that theyll get a good job with that degree, and when there are no jobs anywhere, let alone in their chosen field, the establishment says "haha, to bad, sucker! Now start paying us that interest or we'll make you sorry you even exist!"

Yeah, wanting students to have a fair chance in life is "whats killing our great country".

Please catch up with reality.

ETA: I have no students loans, kaw. I have NO loans. But I feel for those who do, and have been duped.

Originally posted by CaticusMaximus
I think these hackers should do the nations people a favor and do something very meaningful, like wiping out all student loan information / debts.

Now Im not sure how exactly that information is stored or if its possible to do... but Id like to see something more than employee personal data being hacked.

That AND IRS debt and all history so it couldn't be recovered!

Originally posted by Maxmars

Here's the interesting tidbit...

The attack is sure to provoke new claims that the Department of Energy suffers from weak cyber security.

These criticisms have been made before, and specifically after USB memory drives containing sensitive DOE documents were discovered in an illegal methamphetamine lab in 2006. Why the drug producers had these documents in their possession remains unclear.

Bolding emphasis is mine

Now the DOE political appointee is resigning (unexpectedly) and the breach, while 'run-of-the-mill' by comparison to others has occurred... are they related?

www.infopackets.com
(visit the link for the full news article)

Great post and good info, thanks for bringing this to light! There does seem to be a lot more "admitted" hacks in recent news from large organizations including government agencies (no surprise.) I wonder how many are not admitted or known to the public though...How many people know of the hacker Albert Gonzalez and what he did, or if he helped the Secret Service and how? (not to derail the thread)

I think there is probably weak cyber security across the board. It almost seems like the government wants to be hacked, or at least put more light on their flaws to make the people think there the cyber war is becoming huge and a problem for everyone.

There were other posters who brought up that the government changed their security to something else so I don't think it's necessarily a conspiracy on the government, they, like many large organizations, operate slowly and react in hindsight after learning of any hack.

On your tidbit of things being related, excellent possible connection! Has any more info been released on the nature of the documents on the USB drive or anything else? Perhaps some of the files overlapped, but I don't think any of these DOE contents have been publicly released... which probably lends to their credibility. Maybe they have been released though?

This always makes me scratch my head.
In this day and age how do you not have a security policy?
I know that many Government agencies do.
But how does the DOE have that bad of a security policy?
sheesh.

Cyber Warfare drills by the DoD and Intel Agencies


No mystery.

There is no such thing as Anonymous or al Qaeda for that matter.

It's interesting that most here dont understand the level of infiltration by the chinese into our computer systems. It's not just DOE, it's virtually every department of our government. Recently a set of guidelines were introduced for govt agencies and govt contractors who do business withthe govt. These security guidelines have been around for 2 years, are incomplete in their scope and have not beeb fully implemented acrossthe board.

The chinese are very good at this and americans dont even know. For goodness sakes, they are replicating our military arsenal with information they have gleaned!

This is old old news. And theres worse news that I'd be irresponsible for leaking. Lets just say that the chinese, in eavesdropping terms, have our govt completely surrounded and infiltrated. This is not conspiracy theory, its a fact.

The sooner we disconnect govt agencies from the internet the better. But that aint happening. Too many zombies who need google and facebook out there. Laughable security. Our once proud nation is now a chump for the chinese.