Monday, 29 June 2015

FBI Warns Of Malware Used To Hack US Government

The FBI has distributed a bulletin among companies that warns of malware that attackers used to break into the network of a US government agency, where the sensitive data of possibly tens of millions of civil servants was stolen.

This concerns the break-in at the Office of Personnel Management (OPM), where attackers managed to steal data twice. In the first break-in, the personal data of 4.2 million former and current officials was stolen. The second break-in has a much greater impact. There, attackers gained access to the system where information on screenings and background checks is stored. It involves highly sensitive data, such as mental health problems, drug and alcohol use, arrests by police and bankruptcies. In addition, people completing the screening form fill in the names of acquaintances and contacts, as well as the social security number.

This week it was announced that this highly sensitive private data of possibly 32 million officials was captured, reports the Washington Times. The attackers used stolen credentials of an outside company to gain access to the system. The company is responsible for background checks of officials who are to be given a "security clearance", OPM Director Katherine Archuleta said this week at a hearing of a Senate committee, according to USA Today.


In early June the FBI circulated an information bulletin (pdf), which warned of the Sakula Remote Access Tool (RAT), reports Public Intelligence. Attackers had used the tool to steal personal identifying information. The warning was published a day after the OPM had warned of the first break-in on its network. Last week sources told Reuters that the OPM hackers had used a "special tool" called Sakula to control the administration's computers remotely, which made it possible to link the FBI warning to the OPM break-in. The malware had already been used in the intrusion on the network of US health insurer Anthem. In that intrusion, the data of 80 million former and current customers was stolen.

In addition to the technical characteristics of the malware, the FBI's information bulletin also gives businesses several tips on what they should do after detecting Sakula and what preventive measures can be taken to secure systems more heavily. These include the use of reduced privileges, limiting local accounts, network segregation, logging and monitoring admin accounts, deploying whitelisting and using the Microsoft Enhanced Mitigation Experience Toolkit (EMET). This free software from Microsoft makes it more difficult for attackers to exploit both known and unknown vulnerabilities.
