FBI sends memo to US.gov sysadmins: You've been hacked... for the past YEAR

Hacktivists allegedly affiliated with Anonymous have been covertly breaking into US government systems and pilfering sensitive information for nearly a year, the FBI warned last week. The attacks (which began last December and are thought to be ongoing) exploit flaws in Adobe's ColdFusion web app development software to plant …

COMMENTS

This topic is closed for new posts.
404
Bronze badge
Unhappy

Such enticing data

Just wait until the fattest database gets hit - healthcare.gov

3
1
Anonymous Coward

Re: Such enticing data

Actually, if they could first hack in and make the site stop being a total pile of cack, then they may get a bigger payday later on.

5
0
Gold badge
Unhappy

Re: Such enticing data

"Just wait until the fattest database gets hit "

Indeed.

When people find how much the Legislature is trousering for expenses I think they will be suitably annoyed.

4
1
Anonymous Coward

Re: Such enticing data

They've tried, they can't get in either.

5
0

Re: Such enticing data

3 guys working nights at the kitchen table coding - healthsherpa.com

Already done...

0
0
Bronze badge

They use ColdFusion? Oh right I see, so that's who's using it!

7
1
Bronze badge
Coat

Boy, big.gov sure doesn't like it when the shoe is on the other foot, now, does it?

18
1
Bronze badge

But you don't understand.

They're doing it to PROTECT you. Don't you get it?

0
0
Anonymous Coward

Re: But you don't understand.

Oh, so they're doing it to protect Someone Else?

Figures, I sure don't feel any safer!

1
1
Bronze badge
Unhappy

@AC 18Nov2013,22:02 Re: But you don't understand.

Actually, neither do I...

0
0
Bronze badge

And how do they know about these vulnerabilities?

Because they put them there?

7
2
Silver badge

"exploit flaws in Adobe's ColdFusion web app development software"

Well at least Adobe jumped right on it and issued a fix!

"which began last December and are thought to be ongoing"

Well... err... At least it didn't affect any of the properly protected government sites!

"10 attacks against US government systems, eight of which are blamed on ColdFusion exploits"

OH! Err... at least third party anti-malware/ exploit software vendors caught it!

(Qaz knows, they charge enough for the protection they provide!)

"the breaches have been publicised by Anonymous under a campaign dubbed Operation Last Resort"

OK, Er... I'll shut up now! :/

2
0
Anonymous Coward

Adobe software is such crap. It's so expensive and yet full of holes.

4
0
Bronze badge

Adobe software is such crap. It's so expensive and yet full of holes.

And water is wet, ice is cool, the sky is blue, ...

I wonder what employee performing rating system they use...

0
0
Bronze badge

Employee Rating System

It's a 2-tiered system, comprising Blamestorming, and Assmosis.

2
0

The software program is boosted by the knitting industry programs for manufacturing "string vests".

The number of holes is conducive to helping you feel warm and cosy.

0
0
Anonymous Coward

Faces up to 10 years ..

"The US Department of Justice at Eastern Virginia says Mr Love faces up to 10 years in jail if convicted of all the charges."

He would have got two years max if he'd killed someone ...

7
0
Silver badge

What really drives me nuts about this sort of thing is that the Feds often know what's going on, but don't say anything until they've milked every advantage they can from it. They'll watch crime happening, for months or even years until they determine if there's someone they can arrest and successfully prosecute. It's like letting a forest fire burn because there's a patch of poison ivy there.

One of our clients manages several DoD projects and they were hacked a few years ago. When the Feds came to tell him they also told him he'd been under attack for months but they didn't tell him so they could monitor everything and catch the infiltrators. Once they identified the perpetrators as being in an uncooperative country thus out of their reach, they decided to tell him about the breach.

A lot of taxpayer money was lost because there were doubts about what all had been compromised so projects, or large portions of them were scrapped or reworked. Stuff like that drives me crazy.

1
1

You're not wrong there. As is so often the case with District Attorneys and Attorney Generals, the next step up the rung in political life needs some extra attention-getting results, so yeah, they milk it for all it's worth, and more.

1
2
Silver badge

Speaking for the devil . . .

I'm going to make a gardening analogy to explain my position : if you have dandelions in your lawn, it's useless to just cut off the head - you need to dig out the root to put an end to it.

Similarly, from the FBI point of view, it may actually be justifiable to let crime continue until you can nail down the entity that is actually responsible for the actions, not just grab the thug doing the job. This supposes, of course, that it is a known fact that the thug is not acting on his own, and that the entity he is taking jobs from is worth pursuing.

I doubt that it takes months to check if illegal net activity comes from inside the country or outside, though, and it seems to me that, if it comes from outside, there's no reason not to come forward about it.

It's not like the FBI can go arrest someone in another country, right ? Not yet, at least.

1
0
Anonymous Coward

Karma

Those arseholes force or strongly urge American companies to use less secure encryption & make back doors in their products so they can easily hack things & they then use the same shit. Brilliant of them.

They don't seem to understand that they are wrecking the software & hardware industries because pretty soon no one will want to buy their American products.

I am still waiting to see who will dump the most dirt on them because I think all that Edward got was just the tip of the iceberg. He probably had to run because he suspected they were looking at him.

2
1
Anonymous Coward

What's the big deal?

Dumb Bama can fix everything from cyber security to national health care or so he thinks. The results speak volumes about his incompetence.

0
4
Gold badge

Re: What's the big deal?

As I recall, the alternative was putting Sarah Palin a heartbeat away from personally commanding thousands of nuclear weapons. After that, your alternative was placing one of the most openly bigoted sociopaths America has ever produced in the same position. (Pretty boy, not Cheney...though the Dark Lord did just wonders for your economy, didn't he?)

I'm not saying the Obumbler is fantabulous...but the available alternatives weren't merely disastrous, they were cataclysmic. Literally. Planetary cataclysm avoided with Palin and social cataclysm avoided with Ryan.

Mitt Romney Style!

5
3

(Not lice, not fleas but) Poly Ticks Re: What's the big deal?

Err, could we leave party polyticks out of this. I'm being eaten alive by the bloodsuckers.

0
0
Gold badge
Unhappy

Re: What's the big deal?

"Mitt Romney Style!"

Indeed.

Pro.

A politician you can't bribe.

Con.

Everything else?

1
0
Gold badge

Re: (Not lice, not fleas but) Poly Ticks What's the big deal?

What party politics? I'm Canadian. I have no "party" within the US. They're all bloody nuts, but some have recently been demonstrably more nuts than others.

2
1
Gold badge
Unhappy

Re: (Not lice, not fleas but) Poly Ticks What's the big deal?

"What party politics? I'm Canadian. I have no "party" within the US. They're all bloody nuts, but some have recently been demonstrably more nuts than others."

Indeed.

Time was you only had to know about the religious nut jobs.

Now you have the Swivel Eyed Loons of the "Tea Party," with their Trotsky style infiltration tactics. I'm sure US readers can identify other types for whom their prime "candidacy" should be that of a room with mattress wallpaper.

I think it was actually Richard Condon in The Manchurian Candidate (which is actually more a political satire and black comedy than a thriller) who noted politics is about who you get to do it to you, about 30 years before Douglas Adams.

0
1
Bronze badge
WTF?

So is it Monseigneur now?

I'm sure the guy feels flattered for being called a French dignitary, but wasn't his name actually "Monsegur"...?

0
0