07 August 2007 | 6,382 views

The Homeland Security Department Suffered More Than 800 Successful Hack Attacks

Check For Vulnerabilities with Acunetix

Not just attempts, but 844 successful intrusions over the past two years, quite a scary statistic no?

They are actually having a subcommittee hearing entitled “Hacking the Homeland”.

This includes all kinds of intrusions including web site hacks, viruses, worms and other kinds of intrusion.

DHS and its constituent agencies have suffered more than 800 serious computer security incidents from 2005 through 2006, including compromised agency Web sites, unchecked computer virus and worm infections, and digital intruders that were quietly transmitting stolen data out of government networks. The panel also will examine reports of system compromises that lead to “classified data spills” within DHS.

House Homeland Security Committee Chairman Rep. Bennie Thompson (D-Miss.) said what DHS is doing on its own networks speaks so loud that its message on the importance of securing computer systems and networks is not getting across to anybody else.

They’ve spent a lot of money on security, perhaps in all the wrong places. I guess it’s time they hire people like us to tell them what to do eh?

It’s definitely a case of “Do what I say, not what I do” – a recipe for disaster.

The committee also is expected to quiz department leaders on spending such a small amount of its total information technology budget on security. According to data handed over to the committee, DHS’s chief information security officer’s budget shrank or remained stagnant over the past three years, even in the face of persistent security problems at the agency. In 2005, DHS allocated just $17.5 million for its CISO office, a figure that fell to just $15 million in FY2007.

Like several other agencies this year, DHS earned a grade of “D” on meeting federal cyber-security requirements. But many critics of that grading process say the law that the marks are based upon – the Federal Information Security Management Act (FISMA) – more accurately measures how adroitly agencies can tackle paperwork exercises, not necessarily the strength of each agency’s network and computer defenses.

I’m sure everyone is interested to hear exactly what is going on at Homeland.

This story seems to have been pulled off a number of original sources too, which I find a little odd – I had to hunt a little to find another version.

Source: Tech Target



Recent in General News:
- Google’s Chrome Apps – Are They Worth The Risk?
- Twitter Breach Leaks 250,000 User E-mails & Passwords
- More Cyberterrorism – Taiwan Political Party Accuses China of Hacking

Related Posts:
- Homeland Security Scores an F for Internal Security AGAIN
- DOE Hit By Hackers and Covered Up
- Homeland Security Uncovers Critical Flaw in X11

Most Read in General News:
- Hacking Still Can’t Outdo Stupidity for Data Leaks - 125,068 views
- eEye Launches 0-Day Exploit Tracker - 85,056 views
- One Of The World’s Most Prolific Music Piracy Groups Busted - 43,464 views

Advertise on Darknet

19 Responses to “The Homeland Security Department Suffered More Than 800 Successful Hack Attacks”

  1. Ian Kemmish 7 August 2007 at 6:51 am Permalink

    This should not be any real surprise. DHS is intended to make people feel more secure, not to make them physically more secure. The DHS’s single most visible initiative – fingerprinting anyone who arrives in the USA through a major airport – would not have caught a single one of the 9/11 attackers.

  2. morbid 7 August 2007 at 10:14 am Permalink

    I think that’s an homemade problem most gouvernments worldwide suffer from. Making law’s against hacker and “hacker tools”, which results in pentester can’t do their work legally anymore, this results in a decline of gouvernemnt, which leads to the fact, that they don’t work for the gov’s anymore.
    Sounds a bit odd but has happened. I recently spoke to a friend of mine who is pentester and some german gov. agencys where his clients, after publishing the new “anti hacker tool law” he stoped working for them.

  3. Nobody_Holme 7 August 2007 at 12:52 pm Permalink

    Best advice for governments ever, leave a fairly low-security section of network open with “if you hacked this file, we’ll hire you to secure our networks” in it… or some such. also, go fix some laws.

  4. Steve Walcott 7 August 2007 at 3:05 pm Permalink

    It’s kinda scray that the people yould would expect to be most secure as well as protect our data, are the ones with the poorest security in place.

    But the is an old addage that a shoe maker does own the worst pair of shoes.

  5. Rich Hall 8 August 2007 at 2:55 am Permalink

    Not surprising, but frightening nonetheless. The usual government incompetence at work. I work in a building the houses a DHS office. We were working with MCI to terminate some new high circuits in the basement and were chucking to see the feeds for DHS clearly marked “Department of Homeland Security”. Now the basement of this office tower is not exactly public access, but it would not be difficult to wander down there undetected. None of the access was locked. Sure there were cameras, but if I were up to no good I’d probably arrive a little before 6AM when the one security guard usually naps at his post. I don;t know about you, but I certainly feel more secure!

  6. Sandeep Nain 8 August 2007 at 3:41 am Permalink

    Well its not the first time when any government deptt is hacked. it has happened earlier and keep happening in future too even though they allow a huge budget for information security.

    The money spent on security (in papers) usually go to official’s bank accounts… well actually they are spending money on security but not information security but their own financial security.

    I hope they will start worrying about the info security soon enough and take measures to protect themselves from attackers

  7. TheRealDonQuixote 8 August 2007 at 11:42 pm Permalink

    The American DHS is pure window dressing. I mean what do you expect from the same department that STILL hasn’t secured the US ports OR Airports. They sold out the Airport security jobs to private firms at the lowest bid!! It wouldn’t surprise me if they have the Geek Squad working on all their PC’s and servers.

    Sorry, I have my issues with how US security has been handled since 9/11.

  8. Sandeep Nain 9 August 2007 at 4:57 am Permalink

    Yeah i full agree with you TRDQ. US govt’s security measures are just not reliable…
    By any chance.. have you seen the movie “The Pentagon Wars”. its a small comedy by one of the retired US Airforce Officer about the corruption inside.. a must watch…

  9. TheRealDonQuixote 9 August 2007 at 6:33 am Permalink

    Sandeep: I haven’t seen that film yet, but I think I have heard of it. However, I have had an Airport “Rent A Cop” absentmindedly pat me down and miss that I sitll had my cell phone in my pocket!! Minimum wage is no way to pay a true security guard.

  10. Sandeep Nain 9 August 2007 at 6:49 am Permalink

    U r right TRDQ, more sugar you put in it, sweeter its gonna become..

    u hire a reputed security agency u will get beter secuity guards and better efforts… staff members feel that they are being paid more to work better and responsibly

  11. TheRealDonQuixote 9 August 2007 at 7:09 am Permalink

    Or use regular Armed Forces like they do in Holland!!

  12. Nobody_Holme 9 August 2007 at 12:00 pm Permalink

    but that would be a sensible, low cost solution, and we all know how often governments take those…

  13. Sandeep Nain 9 August 2007 at 1:42 pm Permalink

    That will definitely be a low cost solution but the problem with this solution is that it will be corruption free too.

    No tenders, No money making for decision makers…

  14. Daniel 16 August 2007 at 1:41 am Permalink

    @Nobody and Sandeep

    LOLOLOLOLOLOLOLOLOLOLOL ROFLCOPTER
    sarcastic auditing of US politicians’ corruption FTW

    @the story

    I officially bang my head on my keyboard on behalf of all americans.

    jnhuim vbghyyuhn bj

    ^the result

  15. Nobody_Holme 16 August 2007 at 1:13 pm Permalink

    not just US politicians. we have them here in the UK too. :(

  16. Sandeep Nain 17 August 2007 at 12:16 am Permalink

    well.. this is not the problem with one country…

    i have never come across any politician in my life who was not corrupt (india/aus/nz/us). are there any tech savvy politicians??? i don’t think so…

  17. Nobody_Holme 17 August 2007 at 1:56 pm Permalink

    There are two I know of… they’ve both lost elections recently…

  18. TheRealDonQuixote 25 August 2007 at 12:48 am Permalink

    @Nobody_Home
    At least your UK politicians sound all cool cause of their posh accents.

    Meanwhile, the US commander and chief just compared the war in Iraq to the Vietnam war, like it was a good thing?!?!WTF?!?! While in the same speech, to a group of war vets no less, he mispronounced “nuclear” as “new-cue-ler” multiple times.

    FTW – G W Bush as most retarded politician in the WORLD!! EVER!!

  19. Nobody_Holme 25 August 2007 at 1:48 pm Permalink

    *sigh* politicians in general.
    Bush is a shining example of who i really really think should be culled for the sake of the gene pool, but brown really isn’t that much better…
    And whats worse is we brits are used to the cool accents. :'(