Total Tests:

U.S. Defense Agency That Secures Trump’s Communications Confirms Data Breach

By Davey Winder for Forbes
Friday, February 21, 2020

While many of the details surrounding this breach are likely to remain, understandably, confidential, given the nature of the DISA work, the letter itself has already been published on Twitter by one recipient. Signed by Roger S. Greenwell, the chief information officer at DISA, the letter revealed the breach took place between May and July last year, and information including social security numbers may have been compromised as a result. It also stated that there is no evidence that any personally identifiable information (PII) has been misused as a result. The letter does, however, confirm that DISA will be offering free credit monitoring services to those who want it.

Is the DISA disclosure just the tip of an incident iceberg?

Ilia Kolochenko, CEO at security specialist ImmuniWeb, said that an investigation needs to be conducted, as a matter of urgency, to ascertain if any other systems were impacted. "Frequently, nation-state attackers commence their attacks by breaching the weakest link accessible from the Internet and then silently propagate to all other interconnected systems in a series of chained attacks," Kolochenko said, adding "access to personal data of the agency staff greatly facilitates a wide spectrum of sophisticated spear-phishing and identity theft attacks capable of bypassing virtually any modern layers of defense." That the disclosure letters confirm this breach occurred between May and July 2019, I would hope that such a forensic investigation has long-since been instigated. The delay in these letters being sent out may also "be an indicator of attack sophistication," Kolochenko concluded, "and what has been reported so far may just be the tip of the iceberg." Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential