“As promised, members of the Anonymous hacking movement have released hundreds of megabytes of documents that they say were stolen from government security contractor ManTech.
The data released on the Pirate Bay file-sharing site late Friday contain nearly 400 megabytes of documents -- spreadsheets, résumés, planning documents, even photographs -- that appear to have come from the government contractor….
Anonymous said it was releasing the data to embarrass the government contractor, which recently signed a five-year deal to provide managed security services for the U.S. Federal Bureau of Investigation.”
The list of government agencies and contractors that have been hacked by the group Anonymous is nothing short of astounding. From Apple to NATO, and from India to Turkey, the hacking headlines continue on almost a daily basis.
Yes, some of suspected Anonymous hackers were recently arrested. Still, many more appear to be at large.
In a related turn of events, Anonymous computers were hacked by a former member named Ryan Cleary, who was reportedly angry with the group’s governance structure. According to one UK website, Mr. Cleary and some friends had now formed a splinter hacking group.
If you are feeling a bit uneasy by these events – you're not alone. All of this hacking seems far to easy, although the skills and abilities of these illegal organizations should not be underestimated. As I have stated in numerous blog entries over at CSO.com (see: Lohrmann on GovSpace), the bad guys are way ahead of the good guys right now. This is a battle which won’t be ending soon.
What’s can be done by state and local governments? Network World offered these “7 Ways to Avoid Being Hacked by Anonymous.” It’s a nice list, but offers the same basic advice given to governments and corporations for several years. We all need better passwords, security patches and end-user awareness training – and yes, it is difficult to keep these things going over the long-term. The hackers only need to be right once - but our job never ends.
On a more personal note, this latest ManTech hack hits a bit closer to home. I’ve received several emails over the past few days saying things like, “Check this out - didn’t you work for ManTech?”
Yes, I did work for ManTech as a Technical Director for four years in UK in the mid-1990s, and I still have friends there. They are a good company, and I have many fond memories of our life in North Yorkshire, England. I certainly wish them all the best as they recover from this situation.
Any thoughts you can share on the recent string of hacking attacks? Any stories to share about what your government is doing to protect citizen information?
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.
He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.
He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.
Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.
He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.
Follow Lohrmann on Twitter at: @govcso
Building effective virtual government requires new ideas, innovative thinking and hard work. From cybersecurity to cloud computing to mobile devices, Dan discusses what’s hot and what works in the world of gov tech.