[Infowarrior] - DHS HSIN hacked
Richard Forno
rforno at infowarrior.org
Sun May 17 18:15:25 UTC 2009
Information-sharing platform hacked
* By Ben Bain
* May 13, 2009
http://fcw.com/articles/2009/05/13/web-dhs-hsin-intrusion-hack.aspx
Homeland Security Information Network suffers intrusions
The Homeland Security Department’s platform for sharing sensitive but
unclassified data with state and local authorities was hacked
recently, a DHS official has confirmed.
The intrusion into the Homeland Security Information Network (HSIN)
was confirmed to Federal Computer Week by Harry McDavid, the chief
information officer for DHS’ Office of Operations Coordination and
Planning. McDavid said the U.S. Computer Emergency Readiness Team
reported an intrusion into the system in late March. The initial hack
was brief and limited, and it was followed by a more extensive hack in
early April, McDavid said.
The hacker or hackers gained access to the data by getting into the
HSIN account of a federal employee or contractor, McDavid said. The
bulk of the data obtained was federal, but some state information was
also accessed, he added, and the organizations that owned the data and
Congress were notified of the intrusion.
The files that were accessed contained administrative data such as
telephone numbers and e-mail addresses of state and federal employees.
However, an investigation into the incidents has found that no Social
Security numbers, driver's license numbers or financial data were
obtained, McDavid said.
Because HSIN is a sensitive but unclassified network “no information
can be posted on HSIN that would cause anything more than minor damage
to the homeland security mission,” he said, adding that none of the
accessed files dealt with the operations of either federal or state
agencies that use HSIN.
McDavid said he did not know of other successful hacks into the
platform. He called the tactics used to gain access to the user
account “very sophisticated.” However, he said the amount of data
accessed was relatively minor and that officials have been able to map
exactly what files were accessed.
“We immediately put in place a package of mitigation actions,” he
said. “One of those actions was to install two-factor identification
on certain accounts that would preclude this identical type of
intrusion from occurring again.”
Ongoing work to upgrade HSIN has allowed DHS to quickly deploy new
security measures to prevent similar intrusions from occurring,
McDavid said. DHS awarded a contract worth as much as $62 million in
May 2008 to upgrade HSIN to the HSIN Next Gen platform. Officials say
HSIN Next Gen will better meet users’ needs and improve security.
McDavid said DHS’ investigation into the incident found that no latent
malicious code or applications were left behind. In addition, he said
that although an authorized account was used to gain access to the
system, no HSIN users had been found to be at fault and officials are
working on a report about the hack for Homeland Security Secretary
Janet Napolitano. The report is expected to be completed this summer,
he said.
More information about the Infowarrior
mailing list