Tag Archives: DoJ

Get “Incident Response” Ready with Help from the DOJ

Being ready and able to effectively respond to a cyber incident is vital in terms of minimizing the resulting damages, but do you know what to do or where to look for assistance?

An effective response means having a plan before a cyber incident occurs. To help with your incident response planning efforts, the U.S. Department of Justice (“DOJ”) recently released a revised version of its “Best Practices for Victim Response and Reporting of Cyber Incidents” (Guidance). The DOJ’s Guidance was based on the real-life lessons learned by federal officials with input from private companies who managed cyber incidents.

The Guidance consists of four sections: Continue reading Get “Incident Response” Ready with Help from the DOJ

W3C Publishes New Website Accessibility Guidelines

The World Wide Web Consortium (W3C), a private organization which develops website accessibility standards, has published an update to its Web Content Accessibility Guidelines (WCAG 2.1).  WCAG 2.1 serves as an expanded version of the WCAG, adding 17 new “success criteria.”

W3C

The W3C has led the way for individuals with disabilities to fully access public websites and mobile apps, as well as other digital content and has become widely accepted as the standard for such technical requirements.

The consortium is made up of member organizations which maintain full-time staff that work to develop standards for the World Wide Web. The W3C also engages in education and outreach, develops software and serves as an open forum for discussion about the Web. Continue reading W3C Publishes New Website Accessibility Guidelines

DOJ Unveils Cyber-Digital Task Force Report

The Justice Department’s new Cyber-Digital Task Force has issued a report (Report) highlighting its comprehensive assessment of the Department’s work in the cyber area and an identification of how federal law enforcement can even more effectively accomplish its mission in the cyber world.

The Task Force, established by Attorney General Jeff Sessions in February 2018, will also focus on other cyberthreats facing the U.S., including attacks on infrastructure and privacy.

Unveiling the Report

Deputy Attorney General Rod Rosenstein unveiled the report, outlining a new policy for responding to foreign influence operations ahead of the midterm elections in November.

Speaking at the Aspen Security Forum in Aspen, Deputy Attorney General Rosenstein said, “Every day, malicious cyber actors infiltrate computers and accounts of individual citizens, businesses, the military, and all levels of government.” Continue reading DOJ Unveils Cyber-Digital Task Force Report

Department of Justice Hacked: Government Information Leaked

According to reports, the Department of Justice (DoJ) has been hacked and personal information of 29,000 government employees leaked. The hacker extracted 200GB of data from the DoJ, including names, job titles, email addresses, and phone numbers of over 20,000 FBI employees and over 9,000 Department of Homeland Security employees.

The hacker gave reporters at Motherboard access to the information that was stolen. The reporters called the phone numbers to check if the information was legitimate. In fact, many of the test calls went through to the correct voicemail and matched with the names listed in the database.

Both employee lists from the FBI and DHS have been leaked via a Twitter account. The DoJ hack is yet another in a string of widely publicized breaches of U.S. security.

Along with sharing access to the information taken from the DoJ database, the hacker detailed the attack to Motherboard reporters. He claims to have used social engineering tactics to compromise the email account of a DoJ employee – which was also used to contact the reporters.

Using that account, the hacker attempted to log into the DoJ web portal, but was denied access. He proceeded to call the IT department claiming he was a new employee and needed help accessing the portal. They asked him for his token, but after saying he didn’t have one, they let him use the department’s and gave him access.

The hacker was able to log in and enter the credentials of the hacked email account to access the online virtual machine and subsequently full access to the computer. This gave the hacker access to the user’s contacts, documents, local network, and databases.

Key Takeaways:

This hack is another common example of how human error can lead to a full scale data breach. Once again, it’s imperative to increase staff awareness regarding cyber threats. Educating your workforce on common threats like social engineering and phishing attacks is the best defense you can take.

With the IT department requesting a token, it shows that at the very least security policies and procedures were in place. However, it seems like that isn’t enough anymore. For access to highly sensitive information, using a ‘digital identity’ can prove to be effective against social engineering attacks.

For example, before granting a user access, organizations can check the user’s location, the time of day, the configurations of the computer, and antivirus tools in place. If everything checks out according to the ‘digital identity’ of the user, then access is granted. This is the logical trend of user authentication going forward with highly sensitive and confidential information.