This Monday, the US Departments of Justice and Homeland Security announced that investigations were taking place regarding a hacker that broke into the American government’s computer systems and stole sensitive information about employees at the agencies.
The hacker accessed and stole information regarding 9,000 Department of Homeland Security employees online Sunday and publicized data on 20,000 FBI employees on Monday.
DHS spokesperson S.Y. Lee gave the following staement:
“We are looking into the reports of purported disclose of DHS employee contact information… We take these reports very seriously; however, there is no indication at this time that there is any breach of sensitive or personally identifiable information.”
The Department of Justice was investigating “unauthorized access of a system operated by one its its components containing employee contact information,” and added that no sensitive personally identifiable information appeared to have been compromised.
Strange statements considering that DHS data posted to the Web contained phone numbers and email addresses of past employees, though some of them hadn’t worked int he agency for years.
Motherboard did report the data theft on Sunday, claiming that a hacker had turned stolen information over to it and announced his intention to go public with the information.
According to Motherboard, the hacker was able to use the email account of a DOJ employee and social engineering to enter into the agency’s intranet and download 200GB of files. This was all explained to Motherboard by the hacker.
Motherboard is a section of Vice news focused on the future:
“With in-depth blogging, longford reporting, and video journalism, Motherboard investigates the news and events that are already affecting the years to come. We want to help you get your hands on tomorrow. Beyond that, we strive to bring our audience an honest portrait of the futures we’re racing towards.”
The hacker apparently failed to penetrate the DOJ Web portal on his own, but had the bright idea to call a government department, act like a newbie, and simply request the code for accessing the portal, which eh was given over the phone. Once inside, he gained access to the computer used by the person whose email he had compromised and gained access to DOJ’s internal network.
“It was a fairly simplistic attack combined with social engineering, but audacious when your’e going after an FBI employee,” commented chief research analyst with IT-Harvest Richard Stiennon. “It’s easy for complacency to set in at high-volume call environments such as government help desks… If you flood a help desk with password reset requests and similar requests without any negative consequences, eventually operators are going to get comfortable handing out login tokens.”
The whole situation is an indicator of the limits of even the most secure systems; the gullible employee is always the Achilles’ heel.
“All the advanced algorithms, machine learning and log aggregators can’t protect an organization from a gullible employee susceptible to the ‘Look, your shoe’s untied’ ruse,” commented Stealthbits Technologies channel marketing manager Jeff hill.
“In today’s world, the best cybersecurity strategy is to look for and identify suspicious behavior of legitimate accounts,” he added.
According to the BBC, Manhattan District Attorney Cyrus Vance has released a report claiming that law enforcement should have access to encrypted data on smartphones. His report comes as a direct response to Apple and Google, whose iOS and Android operating system automatically encrypt the data used by their operators.
The report claims that “the consequences of these companies’ actions on the public safety are severe.”
Debate regarding whether data encryption services should be accessible to the average consumer have been even further fueled by last week’s tragic multi-pronged terrorist attack in France. 129 Parisian citizens were killed and 352 were wounded by three teams of terrorists that staged coordinated attacks at six locations. The planning necessary to carry out these attacks has prompted authorities to claim that increasing their access to the private information of the public would help them to find attackers’ murderous plans before they are carried out.
The U.S. feels intrinsically involved in the issue, as is demonstrated by the statement given by U.S. Secretary of State John Kerry: “The United States and France are not only friends, we are family. And today, the entire world joins our family in the heartbreak yet again.”
“Don’t mistake what these attacks represent,” Kerry continued. “This is not a clash of civilizations. These terrorists have declared war against all civilization… This is an assault not just on France, but coming on the heels of brutal attacks in Lebanon, Iraq and elsewhere, it is an assault on our collective sense of reason and purpose, an attack on civility itself.”
The egregious attack has caused a ripple of international security concerns all around the world. British Prime Minister David Cameron announced a plan for $3 billion in additional funding to be spent on the country’s military forces to fight terrorism, law enforcement has been ramped up considerably in large U.S. cities like New York and Washington D.C., and a variety of international sporting events and music concerts have been cancelled.
So back to Manhattan: recently in a case unrelated to the, attacks in France, Apple refused a court order to unlock data on a smartphone that is part of a criminal case.
The District Attorney of Manhattan then filed his report, claiming that “smartphones are ubiquitous, and there is almost no kind of case in which prosecutors have not used evidence from smartphones… Evidence from smartphones has been used across the country to investigate and prosecute homicides, rapes, assaults, domestic violence, narcotics rings, kidnappings, larcenies, frauds and robberies. ”
Alone with these assertions came a series of case examples and several questions for Apple and Google regarding the technical details of their encryption schemes and their policies of not adhering to requests to decrypt data. Apparently the District Attorney had already asked these questions in other letters but received no response.
The report proposes that smartphones be made subject to search warrants, so law enforcement could force operating system designers to unlock encrypted data held on the device.
Data from one’s hard drives and RAID systems can be lost due to number of reasons like malignant viruses, corrupt files or simply when one is unable to open it. This could happen when unknowingly an important system file gets deleted too. Though one often chooses the data backup option in every few days; there are many a time when it is not done on time. That is when data recovery comes into picture. Though data retrieval is difficult but it is definitely possible with help from professionals. Here are a few important points to keep in mind about recovering data from hard drives and RAID systems.
Recovering data from a Hard Drive
Hard drives are used extensively to store data. They are used since many years and many a times loss of data is observed on these. The main points here which can cause loss of data are as follows:
- Physical damage: hard drives are prone to mechanical damage If not used properly, the content can be lost immediately. Accidental damage can be through someone who is not aware of it. New people or unknown people can delete the data. Then there can also be spillage on these. They can be destroyed because of water or accidentally stamped by someone. So be very careful and use them accordingly.
- There can also be data corruption or reformat of data because of viruses. So be very sure and always use antivirus.
RAID data recovery:
In recent times, the safest option available to store data is RAID. It is considered safest when it comes to data loss. Generally data loss chances are less here as compared to others. They are available in various configurations. The data loss is not common here but if it occurs, recovery is equally time consuming and complicated. The different configurations provide different benefits. They are as follows:
- RAID 0: This is the most common types of configuration. But it is not safe as others are. It gives high speed but does not allow one drive to fail.
- RAID 1: It is also a popular configuration and allows at least one drive to fail. Its speed is less as compared to RAID 0.
- RAID 5 & 6: There speed is pretty good and they also allow at least one drive to fail.
- RAID 10 and above: It is expensive type. It allows at least two drives to fail. Provides good speed and safety. If data is lost, then recovery is difficult.
There are multi layered and complex systems too. The recovery here is rather most expensive.
RAID systems are considered one of the safest systems to protect data. It is used widely. But if one loses data through this, it is time consuming and expensive to retrieve it back. One definitely needs an expert as it is not an easy task. There are different types of RAID systems available. Rescuing of data from them is cumbersome. Thus, a professional intervention is always suggestive.
We all store lots of data and information in our computers, laptops, hard drive and flash drives. It may contain all the necessary data about your new business project or some old memories basically in the form of snaps. Losing this data can be very stressful. Imagine if one day all the information in your laptop is gone, then any person can lose his cool. Here comes the process of data recovery. It is a process by which all the lost data can be recovered easily. The loss of data can happen accidentally, or some virus can be the cause or by reformatting your device or by using corrupt files, hard drive failure or even by hacking. Reasons can be many but sometimes it is essential to get back all the data, which can be done conveniently by data recovery process.
How does it work?
Can data recovery process help one to retrieve the lost data? Well, the answer is yes! With the help of data recovery methods, one can certainly get back all the data that is lost. Actually, it depends on the way by which one has lost all the information. There are different data recovery processes and each can be used for specific reason only. There are numerous ways and hence the first step is to ascertain the main cause of data loss. Then only one can further decide on to which process to apply to recover the lost data.
Hard Drive Data Recovery: We all use our hard drives to store information. But sometimes it is found that the files we are trying to open are corrupt. This can happen to anyone as generally hard drives have the major percent of data. Here are some of the reasons of losing data:
- The file can be accidentally deleted. This happens when someone who is not known can accidentally delete your important file. One may not be able to locate the file at all. Then it can be recovered easily as many laptops and computers have the back up. The deleted file can be retrieved easily.
- The data can be corrupted or it can be affected by viruses. The viruses cause the information to turn unreadable and the person is not able to open the file at all.
- The hard drive can also be physically damaged which leads to data loss. This can be due to accidentally dropping it, stepping onto it , if it has been exposed to water. Sometimes another person who is not aware may also tamper with it. These all cause loss of data.
But the good thing is data recovery from hard drive is easy with data recovery gurus. An expert can recover all the data easily. But being cautious and preventing it from damage or virus is very important. Protect your data from all types of viruses or prevent them from corruption as these are the main reasons of data loss. Also be cautious and handle your drives properly. Prevent untoward accidents which can also lead to loss of important data.