In addition to the standard two forms of identification, offer letter and contact information, new hires at the U.S. Department of Education are required to bring along a certificate of completion for cybersecurity training course. A recent internal investigation shows why that training is probably a pretty good idea. In a previously undisclosed probe into a 2011 “spear phishing” campaign, hackers targeted senior staff and managed to break through the department’s security protections to steal data from the department. Much about the incident, which was described in documents released through a Freedom of Information Act request by Federal Times, remains…
Browsing: hackers
Did you get a letter this week informing you that your Social Security number and other personal information was stolen in last July’s hacking of a Thrift Savings Plan data center? If so, Federal Times would like to speak to you. E-mail me at slosey@federaltimes.com if you’d like to talk. If you’d prefer to speak anonymously, that’s fine.
We’ve done a lot of reporting on cybersecurity over the past few months (cf here, here and here), mostly focused on defense — how the federal government protects itself against intruders. But the government is also improving its offensive capabilities, a story that gets far less coverage. The New York Times has an interesting article about it this morning: President Obama is expected to propose a far larger defensive effort in coming days […] But Mr. Obama is expected to say little or nothing about the nation’s offensive capabilities, on which the military and the nation’s intelligence agencies have been…