Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Information Security

Information security can mean protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. This goes beyond just computers and networks. Risks and threats can come from individuals, acts of nature, and new technology.

This topic affects everyone in the federal workforce - top to bottom. Thus, it is also the responsibility of everyone in the federal workforce to protect the information from threats.

Share your experience with securing information.

Options
Go to last post Go to first unread
CyberSamuri  
#1 Posted : Thursday, December 3, 2009 2:03:19 AM(UTC)

Rank: Newbie

Groups: Registered
Joined: 12/2/2009(UTC)
Posts: 16

Back when I was teaching information security at Nation Defense University (NDU) in the mid 1980’s, the three biggest issues, in descending order, were Social Engineering, malware, and personnel.  Today, the three biggest issues, in descending order, are Social Engineering, malware, and personnel.  Funny, the technology has changed but not the issues.

<em><strong><font color=Blue>CyberSamuri</font></strong></em>
Knight  
#2 Posted : Thursday, December 3, 2009 2:53:03 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 1/2/2009(UTC)
Posts: 7,337
Man

Thanks: 242 times
Was thanked: 478 time(s) in 395 post(s)
Very true.
admin2  
#3 Posted : Thursday, December 3, 2009 5:19:54 AM(UTC)

Rank: Administration

Groups: Administrators
Joined: 7/11/2008(UTC)
Posts: 7

Seems like social engineering and personnel are practically the same. Like the people who will pick up a thumb drive they find in the parking lot and pop it into their computer.
Knight  
#4 Posted : Thursday, December 3, 2009 11:53:23 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 1/2/2009(UTC)
Posts: 7,337
Man

Thanks: 242 times
Was thanked: 478 time(s) in 395 post(s)
When they say personnel they mean people who knowingly do wrong inside the wire. I had a SysAdmin once who was running a porno website on GOV equipment. At night he would drop the firewalls to let in anyone who paid for access. He was good and hide things for a while but in the end got caught. Knight2009-12-03 19:58:47
CyberSamuri  
#5 Posted : Thursday, December 3, 2009 9:40:47 PM(UTC)

Rank: Newbie

Groups: Registered
Joined: 12/2/2009(UTC)
Posts: 16

Ref: Knight's post 12/03/09 @ 10:pm

Wow!  It just floors me how some people think that they're so good at what they do that they can get away with stuff like that and not get caught.  We had a guy here at our agency stealing laptops and selling them on e-Bay.  He got caught when a second line manager from the technical support area, who's a big technoholic and peruses e-Bay for deals, saw a laptop, just like the ones the agency uses, advertised.
 
The manager thought about getting it for himself just to tinker with since he couldn't, by agency policy, tinker around with an agency laptop.  Then the manager noticed that the stupid guy didn't even remove the agency's inventory bar code sticker that plainly states "Property of XXX".  Worse yet, the manager started looking for other laptops of the same type and found out that the guy had about a dozen agency laptops out on e-Bay.
 
Needles to say, the guy not only doesn't work for the agency anymore but the Feds are paying for his room and board for the next several years.
<em><strong><font color=Blue>CyberSamuri</font></strong></em>
Scott Dickins&#111;n  
#6 Posted : Thursday, December 3, 2009 11:49:13 PM(UTC)
computerscott2

Rank: Senior Member

Groups: Registered
Joined: 6/24/2009(UTC)
Posts: 1,941

Thanks: 6 times
Was thanked: 52 time(s) in 33 post(s)
I worked at one gov agency where an employee was taking pictures of the stuff he was selling (which happened to be gov equipment) at work. He would place the items on the carpet (which had a VERY DISTINCT and UNIQUE pattern) and then post those pics on ebay. Well.... a fellow employee happened to be perusing ebay and joked to his spouse that "That looks just like the carpet we have at work!".  Turns out it looked like it because it was it. Needless to say Uncle Sam put up some room and board for him also and also took a big chuck of change from him as well.
CyberSamuri  
#7 Posted : Friday, December 4, 2009 12:37:58 AM(UTC)

Rank: Newbie

Groups: Registered
Joined: 12/2/2009(UTC)
Posts: 16

Yeah, it's scary.  These people come up with such elaborate schemes and all that subverts all the carefully engineered security controls and only are found out because of some real insignificant and trivial detail that, only by providence, someone just happened to stumbles across while doing something entirely unrelated.  Though laughable, this is the stuff of nightmares.  How many other schemes are going on under our noses that we haven’t yet stumbled across?  "Welcome to my nightmare!" bwa-ha-ha-ha-ha-ha-ha!

<em><strong><font color=Blue>CyberSamuri</font></strong></em>
CyberSamuri  
#8 Posted : Thursday, October 7, 2010 10:19:38 PM(UTC)

Rank: Newbie

Groups: Registered
Joined: 12/2/2009(UTC)
Posts: 16

Good thing these smartasses (Shocked) are not very smart.Wink
<em><strong><font color=Blue>CyberSamuri</font></strong></em>
Rss Feed  Atom Feed
Users browsing this topic
Guest
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.


This page was generated in 0.153 seconds.