Pentagon E-mail System HACKED


The Pentagon got owned pretty hard with 1,500 accounts being taken offline due to a hack attack. For once however they did admit the incident and didn’t try to cover it over or brush it off.

I guess the amount of attacks they get is exponentially more than other networks…but still, I would have thought they should be super secure.

About 1,500 unclassified e-mail users at the Pentagon had their service disrupted yesterday when a hacker infiltrated the e-mail system, forcing the accounts to be taken offline.

In a briefing today with reporters in Washington at the Pentagon, Secretary of Defense Robert M. Gates confirmed the incident and said that the users were disconnected from the system after the intrusion was discovered.

“The reality is that the Defense Department is constantly under attack,” Gates said during the briefing. “Elements of the [Office of the Secretary of Defense] unclassified e-mail system were taken offline yesterday afternoon, due to a detected penetration. A variety of precautionary measures are being taken. We expect the system to be online again very soon.”

The funny thing is the Secretary of Defense himself doesn’t even use e-mail…so I doubt he even noticed what had happened.

Hopefully the government will sharpen up it’s ideas.

Gates said that he was not sure why the 1,500 users were removed temporarily from the system. “Well, I don’t know the answer to that, and they’re still investigating it.”

Gates said he doesn’t use e-mail, so he didn’t know if his account was affected.

“I don’t do e-mail,” he said. “I’m a very low-tech person.”

A spokesman at the Department of Defense late this afternoon said he had no additional information about the incident.

This comes shortly after the GAO (Government Accountability Office) report slamming FBI Internal Security.

Source: Computer World

Posted in: Hacking News

, ,


Latest Posts:


Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc


13 Responses to Pentagon E-mail System HACKED

  1. gyaresu July 10, 2007 at 9:36 am #

    Well that was bound to happen. Who would like to bet they don’t use keys for email verification hmmm?

  2. SN July 10, 2007 at 12:34 pm #

    That is am amazing story. I wondor what was compromised.

    -SN

  3. backbone July 10, 2007 at 2:52 pm #

    gyaresu, your right… every person would do the same because they would feel secure having there email account on a pentagon server… this is the illusion of security…

  4. gyaresu July 10, 2007 at 11:05 pm #

    Monkeys got nukes. Sigh.

  5. Sandeep Nain July 11, 2007 at 1:46 am #

    and I assumed pentagon must be having the best sysadmin and most hardened servers…. silly me :)

  6. wyatt July 11, 2007 at 3:23 am #

    The pentagon is a joke

  7. gyaresu July 11, 2007 at 4:25 am #

    Great example to show clients. That and the myspace activeX virus from last year.

  8. backbone July 11, 2007 at 12:46 pm #

    no wyatt, there sysadmin is a joke =)

  9. gyaresu July 11, 2007 at 1:02 pm #

    No backbone: ‘their’.

  10. backbone July 11, 2007 at 2:27 pm #

    hey gyaresu, don’t correct me, I am not a native English speaker, so mistakes are accepted :

  11. gyaresu July 11, 2007 at 9:45 pm #

    No offence meant backbone. Just a repetition joke based on correcting the corrector.

    I should have had smileys or similar to make that clear. I apologise.

  12. backbone July 11, 2007 at 9:50 pm #

    It was no offense gyaresu, only I cannot understand ironic jokes in plain-text format… And from the way I replied it doesn’t look as I was offended, I tried making up an excuse for myself for not trying hard to write correctly ;)

  13. gyaresu July 11, 2007 at 10:40 pm #

    Right then. Comments apology war! /smiley