Hacker stole sensitive data from FEMA and the Border Patrol in a breach that lasted months

Published on October 1, 2025

CNN - An unidentified hacker stole sensitive data from employees of Customs and Border Protection and the Federal Emergency Management Agency (FEMA) in a “generalized” breach this summer that lasted several weeks, according to an internal FEMA evaluation reviewed by CNN.

The incident prompted an urgent cleanup operation by senior IT officials at the Department of Homeland Security after the hacker obtained deeper access to a FEMA computer network that manages operations in a region extending from New Mexico to Texas and Louisiana, according to the document.

The incident has shaken the Department of Homeland Security, which oversees both FEMA and Customs and Border Protection (CBP), and has raised new questions about the department's ability to protect the information of the more than a quarter of a million people who work there.

The Secretary of Homeland Security (DHS), Kristi Noem, announced last month the dismissal of two dozen FEMA IT employees, including the agency's top technology executives, criticizing them for “serious security failures” that allowed a “threat actor to violate the FEMA network and threaten the entire department and the nation in its set”. Noem appears to have been referring to the same incident described in the document obtained by CNN.

In her statement on August 29, Noem said that "sensitive data from any DHS network" were not extracted, but the document says that on September 10, a "DHS working group" and FEMA officials confirmed that the attacker stole data from FEMA and CBP employees.

The document, which was presented to FEMA staff this week as an update on the breach, reveals how easily the attacker evaded the agency's digital defenses.

In mid-July, while the intruder moved through FEMA systems and tried to extract sensitive information, the DHS launched its first efforts to contain and stop the breach. However, according to the evaluation, almost two months later, as of September 5, the DHS and FEMA were still trying to remediate the incident.

It was not immediately clear who carried out the hack.

"On August 29, at the time the statement was issued, there was no evidence that sensitive DHS operational information had been committed," said a DHS spokesman, referring to Noem's earlier statement. "This is still an active investigation, and we will not comment or validate filtered internal materials."

The attacker targeted software manufactured by Citrix, a government contractor, which allows users to access networks remotely. This type of software is a prime target for hackers because it can be a gateway to more sensitive parts of a network.

Nextgov/FCW, a technology news outlet, was the first to report on the document.

Although Noem described the dismissed FEMA workers as incompetent, some veteran FEMA officials previously told CNN that the dismissed leaders were "extremely competent" and "highly respected."

The dismissals came after another controversy: several agency employees had just been placed on administrative leave and subsequently investigated for signing an open letter to Congress warning that the Trump administration's overhaul of the agency was undermining disaster response and putting communities at risk.

Noem has insisted that her department is "doing FEMA cleaning." Her radical actions have left many current and former officials questioning whether these incidents are being used as a pretext for a broader purge.

At any given time, US officials face numerous hacking threats against the vast confederation of federal computer systems.

US cybersecurity officials issued an “emergency directive” last week ordering federal agencies to defend their networks against an “advanced” hacker group that has breached at least one agency in an apparent espionage campaign. It was not immediately clear whether the FEMA breach is related to that activity.