+- Sinisterly (https://sinister.ly)
+-- Forum: General (https://sinister.ly/Forum-General)
+--- Forum: World News (https://sinister.ly/Forum-World-News)
+--- Thread: State Department Breach (/Thread-State-Department-Breach)
State Department Breach - sunflower - 08-22-2021
Soooo, what do you guys think about the state department breach? Are you genuinely surprised? Because, quite frankly, I'm not.
RE: State Department Breach - Spooky - 08-22-2021
Do you have a link to an article or something to reference what you’re speaking on?
RE: State Department Breach - mothered - 08-22-2021
(08-22-2021, 02:16 PM)ghostboy Wrote: Do you have a link to an article or something to reference what you’re speaking on?Here's the latest article at the time of this post.
https://www.cnbc.com/2021/08/21/us-state-department-reportedly-hit-by-a-cyberattack-in-recent-weeks.html
RE: State Department Breach - d4ggm4sk - 08-22-2021
I think its cool
any way of defying authority and breaking their systems is a sign of progress for the information sector.
RE: State Department Breach - Dismas - 08-23-2021
Government security practices have been audited in the past and it's shown that the number of threats is increasing, but their preventative measures aren't improving.
Article: https://threatpost.com/auditors-feds-poor-cybersecurity-dunce-cap/168418/
RE: State Department Breach - mothered - 08-23-2021
(08-23-2021, 07:06 AM)Dismas Wrote: Government security practices have been audited in the past and it's shown that the number of threats is increasing, but their preventative measures aren't improving.If It were their very own personal credentials Included In the breach, It'd be a totally different story.
At the least, they'd Immediately upgrade their threat & Intelligence monitoring and put their cyber Incident response team Into action, Inclusive of cyber security training for all staff. Fine-tuning their honeypots (If any are In place to begin with), would also be part of their security measures.
RE: State Department Breach - sunflower - 08-23-2021
(08-23-2021, 10:23 AM)mothered Wrote:(08-23-2021, 07:06 AM)Dismas Wrote: Government security practices have been audited in the past and it's shown that the number of threats is increasing, but their preventative measures aren't improving.If It were their very own personal credentials Included In the breach, It'd be a totally different story.
At the least, they'd Immediately upgrade their threat & Intelligence monitoring and put their cyber Incident response team Into action, Inclusive of cyber security training for all staff. Fine-tuning their honeypots (If any are In place to begin with), would also be part of their security measures.
Do you really think they know what a honeypot is?
I'm realllllly not surprised by this tbh.
RE: State Department Breach - mothered - 08-23-2021
(08-23-2021, 01:48 PM)sunflower Wrote: Do you really think they know what a honeypot is?Probably not, hence the bracketed comment In my previous post:
Quote:(If any are In place to begin with)
RE: State Department Breach - Boudica - 08-23-2021
(08-23-2021, 07:06 AM)Dismas Wrote: Government security practices have been audited in the past and it's shown that the number of threats is increasing, but their preventative measures aren't improving.
Article: https://threatpost.com/auditors-feds-poor-cybersecurity-dunce-cap/168418/
I don't understand why people won't ensure money is spent on this stuff. You will never be an unbreakable fortress, but you can prevent stupid breaches. The problem with governmental sites and servers, is that EVERYTHING needs about 10 levels of approval. Encouraging change or upgrades to anything is immensely difficult. Perhaps streamlining their security upgrade process could be a place to start?