[sunflower]

Soooo, what do you guys think about the state department breach? Are you genuinely surprised? Because, quite frankly, I'm not.

[Spooky]

Do you have a link to an article or something to reference what you’re speaking on?

[mothered]

Do you have a link to an article or something to reference what you’re speaking on?

Here's the latest article at the time of this post.

https://www.cnbc.com/2021/08/21/us-state...weeks.html

[d4ggm4sk]

I think its cool any way of defying authority and breaking their systems is a sign of progress for the information sector.

[Dismas]

Government security practices have been audited in the past and it's shown that the number of threats is increasing, but their preventative measures aren't improving.

Article: https://threatpost.com/auditors-feds-poo...ap/168418/

[mothered]

Government security practices have been audited in the past and it's shown that the number of threats is increasing, but their preventative measures aren't improving.

If It were their very own personal credentials Included In the breach, It'd be a totally different story.

At the least, they'd Immediately upgrade their threat & Intelligence monitoring and put their cyber Incident response team Into action, Inclusive of cyber security training for all staff. Fine-tuning their honeypots (If any are In place to begin with), would also be part of their security measures.

[sunflower]

Government security practices have been audited in the past and it's shown that the number of threats is increasing, but their preventative measures aren't improving.

If It were their very own personal credentials Included In the breach, It'd be a totally different story.

At the least, they'd Immediately upgrade their threat & Intelligence monitoring and put their cyber Incident response team Into action, Inclusive of cyber security training for all staff. Fine-tuning their honeypots (If any are In place to begin with), would also be part of their security measures.

Do you really think they know what a honeypot is? I'm realllllly not surprised by this tbh.

[mothered]

Do you really think they know what a honeypot is? 

Probably not, hence the bracketed comment In my previous post:

(If any are In place to begin with)

[Boudica]

Government security practices have been audited in the past and it's shown that the number of threats is increasing, but their preventative measures aren't improving.

Article: https://threatpost.com/auditors-feds-poo...ap/168418/

I don't understand why people won't ensure money is spent on this stuff. You will never be an unbreakable fortress, but you can prevent stupid breaches. The problem with governmental sites and servers, is that EVERYTHING needs about 10 levels of approval. Encouraging change or upgrades to anything is immensely difficult. Perhaps streamlining their security upgrade process could be a place to start?