Hackers have once again targeted the government, forcing theU.S. Department of State to scramble to ensure its data is protected.
Large-scale computer break-ins have occurred over the past several weeks, according to published reports, but the department is confident no sensitive data has been compromised, spokesperson Edgar Vasquez told TechNewsWorld.
The department’s headquarters and offices dealing with China and North Korea were the main targets of this incident, according to press accounts, but Vasquez termed that speculation and said the investigation is continuing.
“We’re confident in the case of this incident — and others like it — that we’ve safeguarded both the department’s and our employees’ personal data from those who would attempt to steal it,” Vasquez said. “Despite our confidence that our system has not been compromised, we’re taking extra steps, such as changing passwords and modifying certain administrative procedures, to provide extra measures of security.”
Changing passwords is an important part of security protection. Agencies should have a policy in place compelling employees to change passwords on a regular basis — roughly every three months. Also, they should be instructed to change them whenever information may be compromised, Michael Gavin, senior analyst at Forrester Research, told TechNewsWorld.
When a company suspects a security breach, changing passwords helps it to discover which accounts are being surreptitiously used, since legitimate users make the requested alterations, John Pescatore, vice president of Internet security and distinguished analyst at Gartner, told TechNewsWorld.
Disabling all remote access while investigating whether the hackers have installed malicious software into the system — like rootkit technology that makes itself part of Windows — is also extremely important, he said.
This latest computer break-in at the State Department comes just a few weeks after the Department of Veterans Affairs reported recovering a stolen laptop that contained sensitive information on millions of veterans and military personnel. Although security attacks against government entities are nothing new, the attacks are getting more sophisticated and more targeted, according to Pescatore.
“The State Department is a pretty high-priority target from years ago. You’d think they’d be doing the highest security possible,” Pescatore said. “But there’s a lot of users at the State Department who are very powerful people. … Some power users say encrypting data is too complicated — it slows things down. Many companies take their chances until they have a problem. It’s human nature — you don’t fix the leak in the roof until after the rain.”
While some companies are learning from the misfortunes of others or being forced to comply by auditors, most don’t take action until a breach occurs. “Nobody believes Chicken Little until the sky actually falls,” Pescatore remarked.
Before such breaches occur, agencies must have the proper controls in place to shorten the time it takes to realize there is a problem, Gavin added.
“They have to figure out how these people got in and make sure they put controls in place to prevent it from happening again,” he said. “The government has put a lot of time and energy into protecting themselves, but it’s a largely dispersed organization, and you need [to have] a consistent security policy across the board — and to have each organization implement it.”