Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Government Credentials on the Open Web

Follow up to Massive hack of federal personnel files included security-clearance database – related news – “Recorded Future identified the possible exposures of login credentials for 47 United States government agencies across 89 unique domains. As of early 2015, 12 of these agencies allowed some of their users access to computer networks with no form of two-factor authentication. This scenario heightens the risk of cyber espionage, crime, or attack for these agencies. This data was identified through open source intelligence (OSINT) collection and analysis of 17 paste sites including Pastebin.com over a one year period ending in November 2014. Recorded Future shared this information with the majority of affected agencies in late 2014 and early 2015. At the time of our analysis, the Department of Energy had the widest exposure, with email/password combinations for nine different domains identified on the open Web. The Department of Commerce was the second hardest hit with seven domains suffering exposures.”

Sorry, comments are closed for this post.