July 31, 2011 By Dan Lohrmann
“As promised, members of the Anonymous hacking movement have released hundreds of megabytes of documents that they say were stolen from government security contractor ManTech.
The data released on the Pirate Bay file-sharing site late Friday contain nearly 400 megabytes of documents -- spreadsheets, résumés, planning documents, even photographs -- that appear to have come from the government contractor….
Anonymous said it was releasing the data to embarrass the government contractor, which recently signed a five-year deal to provide managed security services for the U.S. Federal Bureau of Investigation.”
The list of government agencies and contractors that have been hacked by the group Anonymous is nothing short of astounding. From Apple to NATO, and from India to Turkey, the hacking headlines continue on almost a daily basis.
Yes, some of suspected Anonymous hackers were recently arrested. Still, many more appear to be at large.
In a related turn of events, Anonymous computers were hacked by a former member named Ryan Cleary, who was reportedly angry with the group’s governance structure. According to one UK website, Mr. Cleary and some friends had now formed a splinter hacking group.
If you are feeling a bit uneasy by these events – you're not alone. All of this hacking seems far to easy, although the skills and abilities of these illegal organizations should not be underestimated. As I have stated in numerous blog entries over at CSO.com (see: Lohrmann on GovSpace), the bad guys are way ahead of the good guys right now. This is a battle which won’t be ending soon.
What’s can be done by state and local governments? Network World offered these “7 Ways to Avoid Being Hacked by Anonymous.” It’s a nice list, but offers the same basic advice given to governments and corporations for several years. We all need better passwords, security patches and end-user awareness training – and yes, it is difficult to keep these things going over the long-term. The hackers only need to be right once - but our job never ends.
On a more personal note, this latest ManTech hack hits a bit closer to home. I’ve received several emails over the past few days saying things like, “Check this out - didn’t you work for ManTech?”
Yes, I did work for ManTech as a Technical Director for four years in UK in the mid-1990s, and I still have friends there. They are a good company, and I have many fond memories of our life in North Yorkshire, England. I certainly wish them all the best as they recover from this situation.
Any thoughts you can share on the recent string of hacking attacks? Any stories to share about what your government is doing to protect citizen information?
Building effective virtual government requires new ideas and hard work. Security professionals need to be enablers of innovation. From helpful Internet training to defending cloud computing architectures to securing mobile devices, Dan Lohrmann will cover what's hot and what's not in protecting your corner of cyberspace.