-
January 12th, 2006, 03:58 PM
#1
eWeek Article: Security Audit Flags Thousands of Military User Accounts
A colleague of mine sent this out to us. Amazing what an audit can find. Now I wonder what their action plan will be or will they just write thousands of deviations?!? Heh.
Link: http://www.eweek.com/article2/0,1895...06dtx1k0000599
Story Lead-in:
Up to 20 percent of the computer accounts used by the U.S. military are unauthorized or abandoned, providing a major opportunity to hackers and foreign governments who want to spy on the United States, according to a senior military official.
An ongoing audit of user accounts in the armed services has uncovered an epidemic of expired and unauthorized accounts, including 3,000 in DISA (Defense Information Systems Agency), 1,500 in the U.S. Army's Korean operation, and thousands more spread throughout the military services.
I've seen this type of thing with accounts before. Non-existent, broken or outdated processes. I wonder if there are people who "inherit" jobs from other people and just use that person's, or worse, someone else's account to perform a task - like running scripts or jobs.
The article also shows evidence of social engineering to hijack accounts or system access and other violations, like unmonitored enabled ports and services... man this article reads more like an audit report, and the more I think of it - I am not sure it should have been published to the general public, at least without sufficient time to address the vulnerable areas.
"We're the middle children of history.... no purpose or place. We have no Great War, no Great Depression. Our great war is a spiritual war. Our great depression is our lives. We've all been raised by television to believe that one day we'll all be millionaires and movie gods and rock stars -- but we won't. And we're learning slowly that fact. And we're very, very pissed off." - Tyler (Brad Pitt) Fight Club.
-
January 12th, 2006, 09:46 PM
#3
I am surprised. That meeting is much like the Agora, here in Seattle. We have media show up, but they are required to keep their mouths shut. It's a consensus thing. We all know where everyone else lives.
I bet that the eWeek dude wasn't supposed to be reporting from that meeting.
Just my tuppence.
-
January 15th, 2006, 02:33 AM
#5
no wonder most of these guys getting caught for stupid reasons on the internet have an account or have hacked into military
you are entering the vicinity of an area adjacent to the location.
-
January 15th, 2006, 05:37 AM
#7
Originally posted here by rapier57
...I bet that the eWeek dude wasn't supposed to be reporting from that meeting...
I bet it will be a cold day in hades when he gets another invite for a meetin' with them or a story opportunity.

The number of old accounts is shocking. I was under the impression that when a member is transferred to another location his account (profile, etc) is forwarded to that location. If the member is being released, the accounts are "supposed" to be removed.
cheers
Connection refused, try again later.