Tuesday 4 May 2010

The US Treasury Trail

News is emerging of a hack at the US Treasury Department, in which a series of websites associated with the U.S. Bureau of Engraving and Printing (BEP) were affected.

Visitors to the sites were directed to another site in Ukraine, one that is notorious for installing malware on computers.

The attackers targeted a cloud computing company that hosted the BEP’s pages.

This hack has the elements of a good press story because it involves a government agency, Ukraine and the cloud environment. But these elements are not newsworthy.

US governmental sites have been under attack for the past year, and these prior attacks should have been a call to action for all federal and state IT departments to review their security policies and practices.

The hackers’ purported destination of Ukraine is also not newsworthy.
Hackers will not attempt access in their own country but will target foreign sites, knowing that the likelihood of prosecution is slim to none.

That this happened in the cloud is also not a news hook. Cloud environments are no more or less safe than any other environment. Agencies putting their information in the cloud should know the security measures and practices involved.

What is newsworthy? The fact that there are still questions about the number of people affected and even whether all of the affected sites are disabled is disturbing (http://thompson.blog.avg.com/2010/05/whoops-treasury-still-hacked.html).
All organizations, especially government agencies, should have a disaster recovery plan in place in the event of a breach. This plan should include informing those involved with the basic details of what happened, who was affected, and what people should do.

The reality is likely that the US Treasury is looking to answer those questions now, which is too little, too late.