The Connection, Inc Blog

The Connection, Inc has been serving the New Jersey area since 1992, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

This NSA Employee Made a Mistake. How Hackers Exploited it is Worrisome

This NSA Employee Made a Mistake. How Hackers Exploited it is Worrisome

One of the biggest hacks of 2016 was the United States National Security Agency, by a hacking group calling themselves the Shadow Brokers. This hack came to light after tools belonging to the NSA were discovered on the black market. How could a data breach of this magnitude happen to one of the most secure IT systems in the world? Newly released evidence may provide the answers.

An investigation performed by the FBI points to the source of the hack coming from an individual associated with the NSA, like an employee or a contractor. However, unlike the infamous NSA-employee-turned-fugitive case of Edward Snowden, it looks like this most recent data breach wasn’t an attempt at whistleblowing. Instead, it’s more likely that the breach resulted from the sloppy handling of sensitive files.

Whether the mishandling of the NSA files was an intentional act or not has yet to be determined. Although, what we do know is how they were mishandled. Apparently, the responsible party left the tools on a remote computer during an operation--three years ago! If the tools were removed from the remote PC like they were supposed to be, this whole crisis could have been avoided. To say that this is unfortunate is an understatement, seeing as the stolen tools allow users to exploit systems from Fortinet Inc. and Cisco Systems.

Since the news of the hack became public knowledge, patches for these systems have been released, thus minimizing the damage that can be enacted by hackers using the stolen tools. Although, as is the nature of security patches, organizations that put off installing them will continue to be at risk until they do so, giving hackers ample motivation to seek out and exploit these negligent companies.

Currently, the FBI is looking into the possibility that the employee intentionally left these tools exposed so the Shadow Brokers could obtain them. However, the information thus far points to the employee making an honest mistake, seeing as the worker reported their mistake shortly after making it. Considering then how these events played out, the NSA actually comes out looking bad since they didn’t report the threat to the affected software manufacturers after learning about it; another misstep that could have resolved the problem much sooner.

The takeaway here for business owners is how easy it is for an innocent mistake by you or one of your employees to put your company’s sensitive information at serious risk. Often times, much attention and resources are given to protecting an organization from external threats, like hackers of the Shadow Broker nature, while too little attention is given to training staff on how to properly handle data. When it comes to having an airtight cybersecurity plan, your company must protect itself from every threat, and from every angle.

To make sure your network is fully protected, reach out to The Connection, Inc at (732) 291-5938.

Tip of the Week: Avoid Buyer’s Remorse By Renting ...
Shhhh! Library of Congress Hacked
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, 22 November 2024

Captcha Image

Blog Archive

Mobile? Grab this Article

QR Code

Free Consultation

team work

Interested in seeing what we can do for your business? Contact us to see how we can help you!

Sign Up Today!

News & Updates

The Connection, Inc. Celebrates 32 Years as a Trusted Technology Provider!   Since our founding in 1992, technology and the way we operate and do business has changed a lot. Companies that have adapted and aligned themselves with ...

Contact us

Learn more about what The Connection, Inc can do for your business.

The Connection, Inc
51 Village CT
Hazlet, New Jersey 07730