US Department of Energy Hacked; Employee Data Lost

Originally posted by Gridrebel

Originally posted by CaticusMaximus
I think these hackers should do the nations people a favor and do something very meaningful, like wiping out all student loan information / debts.

Now Im not sure how exactly that information is stored or if its possible to do... but Id like to see something more than employee personal data being hacked.

That AND IRS debt and all history so it couldn't be recovered!

Old school. Nowadays they sit on the network, occaisonally phone home for command and control instructions, and trickle data out. Stealth isthe name of the game. In one case I worked on the network had been infected from 1 particular attack for almost a year before it was noticed. And this was a very security conscious contractor, not a govt agency. Govt agencies are so easy to hack. The primary attack vector is email and the way it is utilized as an attack method is not simplistic. First they spend up to 6 months mapping out the chan of command. Then they create a gmail or yahoo account withan email id that sounds like someones name whos in charge. An email is sent to a subordinate of this person with an attachment on avalid internal project. When the innocent secrettary or whatever opens the attachment, bingo. A zero day is launched. The infected PC now phones home to say "I'm in!". from there it goes back iand forth using innocent websites as a dropbox for sending info and receiving instructions. This process happens over days, weeks and months. By the time its detected it has planted other morphed code on other systems as sleepers. You may find and eradicate the initial infection but the sleepers may not wake up for months to continue the work. Pretty hopless once they are in. Most companies arent willing to take the drastic steps required to eradicate these infections.

Originally posted by Mike.Ockizard

Originally posted by Gridrebel

Originally posted by CaticusMaximus
I think these hackers should do the nations people a favor and do something very meaningful, like wiping out all student loan information / debts.

Now Im not sure how exactly that information is stored or if its possible to do... but Id like to see something more than employee personal data being hacked.

That AND IRS debt and all history so it couldn't be recovered!

Old school. Nowadays they sit on the network, occaisonally phone home for command and control instructions, and trickle data out. Stealth isthe name of the game. In one case I worked on the network had been infected from 1 particular attack for almost a year before it was noticed. And this was a very security conscious contractor, not a govt agency. Govt agencies are so easy to hack. The primary attack vector is email and the way it is utilized as an attack method is not simplistic. First they spend up to 6 months mapping out the chan of command. Then they create a gmail or yahoo account withan email id that sounds like someones name whos in charge. An email is sent to a subordinate of this person with an attachment on avalid internal project. When the innocent secrettary or whatever opens the attachment, bingo. A zero day is launched. The infected PC now phones home to say "I'm in!". from there it goes back iand forth using innocent websites as a dropbox for sending info and receiving instructions. This process happens over days, weeks and months. By the time its detected it has planted other morphed code on other systems as sleepers. You may find and eradicate the initial infection but the sleepers may not wake up for months to continue the work. Pretty hopless once they are in. Most companies arent willing to take the drastic steps required to eradicate these infections.

Yep, agreed. You know what you're talking about too, I can tell.

Does the CID still get involved in cyber-crimes, if ya know?

Here's something to add to the discussion:

6 Reasons Hackers Would Want Energy Department Data

Among the 6 reasons listed... I find there are only 4 ... one of them is listed thrice - but for a different exploiter or phase of exploitation:

1. Spies Seeking Nuclear Secrets
   
2. Intelligence Services Out To Catalog Real Identities
   
3. Prepping Spear-Phishing Attacks
   
4. Hacktivists Promoting A Cause
   
5. Financial Crime Syndicates Seeking Identity Information
   
6. Revenge For Stuxnet
   

Number 1 seems straight forward enough. It seems silly though. Why would you keep highly classified nuclear secrets on an machine connected to the internet? One would think a simple operational response to the vulnerability would be to isolate those systems with target information physically.

Number 2 is also very mundane. Other intelligence agencies desire to know exactly "who" is in the system, so they can leverage that information towards either malevolent exploitation of the information, or to keep tabs on US activity. In either case, it seems foolish to assume that anyone on the internet who says "I have nuclear secrets" actually does. But you won't know the truth if you don't investigate... and we already know that even beloved allies like Israel spy on the US more vigorously (and successfully) than many of our alleged enemy states or "entities."

Number 3 is really only "part" of "why." Spearfishing is the act of tagging a know access point with a trojan that allows you access to their system. It is, in fact the same thing as number 1 and 2... ultimately the goal is to access the system. Not so much a reason, as a means to hack the DOE.

Number 4 is the least concrete 'reason' since one would have to assume that such a hacker could measure their success by simply 'annoying' government security authorities. The key to this reason is publicity... which in none of the other cases, serves the exploiter.

Number 5 deals with "black-market resellers"... so really their 'reason' is their potential 'clients' reason... take your pick.

Number 6 ... revenge? Again... how do you measure success here? I don't know.

The author does not mention another candidate (perhaps understandably) Corporate Espionage.... for financial investment or research and development gain.... why that doesn't make the list I'll probably never know.

reply to post by Maxmars


Interesting list!! #2 has been at the top of my radar since I first read this thread. ID key researchers and those who would have the most access to critical information or materials. This opens for door to undue influence and even possible threats against family and loved ones. To get more diabolical they could also produce a hit list of key researchers. Similar to the assassination of key Iranian Nuclear Scientists when 2011 was a bad year for at least 4 of their scientists. The finger has long been pointed at CIA, Mossad, MI6 for those killings. Perhaps they are setting up for revenge...

Only time will tell....

Originally posted by grey580
This always makes me scratch my head.
In this day and age how do you not have a security policy?
I know that many Government agencies do.
But how does the DOE have that bad of a security policy?
sheesh.

There is no real security, what so ever. Just pretend security to make it appear there is to the novice.

Corporation X gets a contract to install security cameras in location X. They install them, collect the money.

Security Cameras never work. Government tries to go after company.........companies gone.


The Governments been relying on Contractors......because Govt. doesnt have money to do things. They award contracts to people to do things........and don't pay them. They'll rely on that contractor getting loans to keep itself going....and eventually pay them a portion of what they were supposed to get. The company never gets enough money to pay off its loans to accomplish what the Govt. wants.....

irrate contractor steals info so they can try and use it to generate money to pay off loan sharks.

Talk to anyone who's ever been into contracting with the Federal Govt.. Da money don't come. If the Government can't pay all its contractors....it has no security.

The sole reason they went to all those contractors is because the Govt. no longer had the $$$ to do all it needed to do....that's the day it lost alll its security.

There is not 1 secure thing in the United States. Essentially there IS NO United States anymore.
Why did the 3HO Muslim/Hindu Cult with a "Waco Style" compound in Arizona get all those Security contracts?

Wasn't because they did a good job....they were the ones who were supposed to be guarding the Federal Building in Oklahoma City that went boom.

How'd a religious cult get that Security Contract over allll those Federal Buildings?????

They're somehow getting money somewhere's to provide what the Government needs....how are they getting that money???.........by crook.

reply to post by Philippines


They may with the military. I work with branches of Gvt and their contractors. The FBI and psuedo-govt companies are the ones working with the contractors and the Gvt agencies relationships with vendors. By psuedo govt I mean those companies posing as private industry that are actually govt fronts. If you read much you'll know who they are.

Funny thing (sad really), one of their analysts (worked for a psuedo govt org) told methey had been breached via email. The organizations upper mgt wouldnt allow real cleansing of systems because of cost/downtime (among other issues). So they just sir and wait for the sleepers to wake up and hope they catch them. For the email vector there was really no way, other than prohibiting urls and attachments. Again upper eschelon said no. So they actually have an army of people screening emails destined for the really important folks on top of the other intrusion detection/prevention automated systems. My jaw hit the floor when I heard that.

Originally posted by Pervius

Originally posted by grey580
This always makes me scratch my head.
In this day and age how do you not have a security policy?
I know that many Government agencies do.
But how does the DOE have that bad of a security policy?
sheesh.

There is no real security, what so ever. Just pretend security to make it appear there is to the novice.

Corporation X gets a contract to install security cameras in location X. They install them, collect the money.

Security Cameras never work. Government tries to go after company.........companies gone.


The Governments been relying on Contractors......because Govt. doesnt have money to do things. They award contracts to people to do things........and don't pay them. They'll rely on that contractor getting loans to keep itself going....and eventually pay them a portion of what they were supposed to get. The company never gets enough money to pay off its loans to accomplish what the Govt. wants.....

irrate contractor steals info so they can try and use it to generate money to pay off loan sharks.

Talk to anyone who's ever been into contracting with the Federal Govt.. Da money don't come. If the Government can't pay all its contractors....it has no security.

The sole reason they went to all those contractors is because the Govt. no longer had the $$$ to do all it needed to do....that's the day it lost alll its security.

There is not 1 secure thing in the United States. Essentially there IS NO United States anymore.
Why did the 3HO Muslim/Hindu Cult with a "Waco Style" compound in Arizona get all those Security contracts?

Wasn't because they did a good job....they were the ones who were supposed to be guarding the Federal Building in Oklahoma City that went boom.

How'd a religious cult get that Security Contract over allll those Federal Buildings?????

They're somehow getting money somewhere's to provide what the Government needs....how are they getting that money???.........by crook.

Hate to burst your bubble but theres not much truth in anything you just said. Govt contracts are a gravy train. The Govt pays bills on time with few questions. Many contractors come back and get new contracts even after screwing up on other jobs. THis has been going on forever and anyone thattakes a single contract and tries to, pull a "companies gone", are one-off idiots who dont really want to make money. On top of that it aint so easy to hide from the Govt unless you manage to get out of the country. Even then, in some cases, they will get you. I can make more money doing less work, for the US Govt than any other industry I know of. The only reason I dont is that I actually enjoy the work I do and continuing challenge.

As far as contractors stealing secrets, theres less need for them except in ultra secure environments. Why pay for the information when you can get some underling that sits in chinese internet cafes to get it for you for free?

In an earlier post I mentioned pretty much all agencies have been penetrated. I said "almost all". Your contention that "There is not 1 secure thing in the United States." is not accurate. Ever been to Langley? How about NSA in Ft Meade? I havent but I know some that have. Not going to hear me say they arent secure. And then theres the ever famous Area 51....

So many talk so much BS here on ATS like they really know something. Doesnt help the information stream when you pollute it.

Originally posted by Mike.Ockizard
reply to post by Philippines

 

They may with the military. I work with branches of Gvt and their contractors. The FBI and psuedo-govt companies are the ones working with the contractors and the Gvt agencies relationships with vendors. By psuedo govt I mean those companies posing as private industry that are actually govt fronts. If you read much you'll know who they are.

Funny thing (sad really), one of their analysts (worked for a psuedo govt org) told methey had been breached via email. The organizations upper mgt wouldnt allow real cleansing of systems because of cost/downtime (among other issues). So they just sir and wait for the sleepers to wake up and hope they catch them. For the email vector there was really no way, other than prohibiting urls and attachments. Again upper eschelon said no. So they actually have an army of people screening emails destined for the really important folks on top of the other intrusion detection/prevention automated systems. My jaw hit the floor when I heard that.

edit on 7-2-2013 by Mike.Ockizard because: (no reason given)

I was wondering about CID, I had a run in with them about a decade ago I know what you mean as front companies as well since an early age, my grandfather used to fly for a company called Southern Air Transport. He did some crazy things to leave it at that.

And on this part:

So they actually have an army of people screening emails destined for the really important folks on top of the other intrusion detection/prevention automated systems.

Lol I feel the same way... amazing. At the same time, at least they know their faults and have enough money and sense to do something about it. What kind of clearance do the screeners get? They must read some mind blowing things.

reply to post by Philippines


I know... "honey, dont email me about how horny you are. The girls in the office are looking at me funny"