Chinese hackers crack Homeland Security computers

Source: REUTERS

Chinese hackers broke into Department of Homeland Security computers and made off with "many megabytes" of data, and the contractor charged with securing the department's networks attempted to cover up the breaches, according to Congressional investigators who have asked the department's inspector general to investigate the computer security breaches. The Federal Bureau of Investigation has launched a separate investigation into Unisys Corp., which for $1.75 billion was supposed to install and monitor network intrusion devices for the Transportation Security Administration and at DHS headquarters, but failed to install and monitor the devices properly...
...
A Unisys spokeswoman, Lisa Meyer, said that "no investigative body has notified us formally or informally of a criminal investigation" on the matter and added that she could not comment on specific security incidents.


Read more: http://www.reuters.com/article/blogBurst/topNews?type=topNews&w1=B7ovpm21IaDoL40ZFnNfGe&w2=B9KobpniDQffCOR77fHrDXw&src=blogBurst_topNews&bbPostId=B5wpVCLIBQqJCz3o2noukGVuMCz6Zhs0MaFQahBAC50GkXbQEX&bbParentWidgetId=B9KobpniDQffCOR77fHrDXw

---

Yes, Chertoff & Co are on the job...they will learn from this blunder, and like all others from this administration will go on to ever greater blunders in the future.

:sarcasm:

Does our government see a PATTERN of perpetual fuck-ups using outside sources? And this will probably cost us more in the long run, then it would had we hired people to HS jobs, to do the same thing.

using inside connections. If this were open and transparent, they would've lost the contract already.

With a contractor, there is great motivation to keep costs as low as possible. Sometimes the lower-cost solutions are not the best solutions. Also, some contractors are also partners with solution providers. Some of these solutions might not be best-of-breed, but because of their partnership, they use them in any case, instead of the best and most effective solution available, since they make more profit that way.

Also, they may be working off of a list of specified goals and solutions that, due to the fact that government is a machine that grinds exceeding fine, is dated and incomplete, a list created by people who did not have the requisite knowledge and experience to create such specifications or said list was not recently updated to respond to emerging threats and techniques.

From what I have heard from a government IT contractor, government IT work tends towards the chaotic. Budget cuts come out of nowhere, in the middle of a project, grinding work to a halt or slowing it down. Priorities also seem to shift daily, if not hourly.

And then, there is the looming possibility of incompetence. Never rule that out.

Gold-plated toilet seats, anyone? $600 wrenches?

just happened to previously work for the contractor...who is politically connected and believes the Earth is flat and appeared instantly some 3000 odd years ago.

the Chinese hackers.

;-)

...that all the DHS computers used either "password" or the name of the receptionist's cat for passwords.

They probably couldn't remember the cat's name. ;-)

China is just the scary untouchable du jour, so it's convenient to pin this on them. Even if the attacks arrived at the DHS from Chinese IP addresses, this doesn't necessarily mean that the attackers were Chinese, since anyone with sense would cover their tracks using previously compromised systems. The truth is likely to be that the FBI has absolutely no idea who or where the attackers were. But that doesn't sound so good...

Real proud of ya!

heh sorry I could not resist.

certainly will not work for a contractor or the federal government. the government has a habit of throwing people in jail if they demonstrate their ability to hack/defend computer software

Don't they know anything about security? You don't hook anything to the Internet that you aren't willing to lose....

...since Microsoft is such a good donor to Republican causes.

Should've used Linux. Tough to crack (unless you're really clueless), plus hard to virus.

Less chance for generic contractors to get the job and less chance for bad software to open back doors.

No?

Pussy.

must passed to monitor your and my internet traffic.
:sarcasm:

Maybe the Chinese hackers thought that they were Homeland security employees? /sarcasm

It was back in late Sept., just before Bush the Smarter's Gulf War. I was a consultant in IT for a software company and had the Army as a client. A Colonel called me and wanted to know something about a product from my company that was on a contract won by Unisys, well before Saddam attacked Kuwait.

Unisys was lying through their teeth to this guy as he was getting ready to take those computer systems into a real war. The Colonel was facing millions of dollars in upgrades if I verified what Unisys was telling him. Let's just say the Colonel thanked me very much.

He probably then called in the Unisys program manager and gave him royal hell. I assume this because, the next day - I got a call from Unisys!

Was it:
From the sales rep? Nope!
From their on-site engineers? Nope!
From their contracting people? Nope!
From the Unisys program manager? Nope!

The call came from Unisys' corporate offices; to be specific - Unisys' General Counsel! He opened up on me, big time, demanding to know what gave me the right to interfere in THEIR contract, and how we would most likely be kicked off and never to get on a Unisys contract ever again.

I told him that I had read my contract with his company, that I was a named deliverable on the contract and only the Army can kick me off (ahhhh, the good old days). But, if he really thought I spoke out of turn, I was more than happy to apologize to Unisys and to the Army if a third party agreed with him. My choice for that 3rd party was - the Army Inspector General. I said I had his number and asked if General Counsel preferred to make that call himself, or if he would like me to do it!

He muttered some shit, then the call ended. I just laughed.

I have a relative who works in a computer system for a US Defense agency. He says the Chinese military is constantly trying to find ways into US military computer systems. They traced one break-in directly to the office of a Chinese colonel.

Also, there are many stories about how the Chinese government has been working on ways to bring down the whole US computer telecommunications/internet system, in case of a future conflict. That explains many hacking attempts in various civilian computers.

"sent to DHS inspector general Richard Skinner"
:rofl: The DHS IG's name is Dick Skinner!

-Hoot

they might be able to hack into important computers, not just Hoaxland Security's.

;-)

Now they say, "The computer crashed and took my homework with it." Mrs. ironflange is a teacher, and she's heard it.

But pretty soon, teachers will hear "Hackers busted into my computer and stole my homework."

...of maintaining the email backups for the White House. The five millions messages that were accidentally lost. Or are they now "un"-lost, but just not where they can put their hands on them yet? So many lies...I just can't keep up any more. Which is exactly wha they're counting on.

It really is almost time to march on the White House, grab Bush/Cheney/et al, tar and feather the lot, and run them out of town on a rail.

http://www.highbeam.com/doc/1P2-1081114.html

http://www.cbronline.com/article_cg_print.asp?guid=01B7B879-BD2A-44A0-94C0-66B1B15D9176

Unisys Corp seems about to shrink by another $2,100m in annual sales and 17,000 employees: the company declines to comment, but according to the Washington Post, the company is negotiating with investment firm Carlyle Group Inc to sell its defense division via a public offering, raising at least $500m and up to $700m to reduce its debt mountain; at its current share price, the whole of Unisys is valued at only $800m. Frank Carlucci, head of the Carlyle Group and former US Secretary of Defense, would become chairman of the new company. The defence division, headquartered in McLean, Virginia manufactures custom electronics for weapons and radar systems for the Pentagon, intelligence agencies and civilian firms.

Note: "Frank Carlucci, head of the Carlyle Group and former US Secretary of Defense, would become chairman of the new company. "

These are from 1991 articles.


I'm still getting info:

Hey look Frank Carlucci was US Secretary of Defense in 1988. At the time he was suppeana-ing the unisys firm along with others for US defense contract corruption. He of course would later run some of these firms when he became head of the carlyle group, which is the company that bought some of them.

http://www.time.com/time/printout/0,8816,967967,00.html

"Like an overburdened state trooper who pulls too many summertime speeders to the side of the road at one time, Defense Secretary Frank Carlucci has decided to turn some of the suspected culprits loose. Testifying before the Senate Armed Services Committee last week, Carlucci said he would resume payments, which he suspended only three weeks ago, to nine Pentagon contractors that are under investigation in the Government's sweeping probe into charges of bribery and bid-rigging in the defense business. "My job is not to punish companies," he said. "My job is to protect the national security."

---------

then from here:

http://www.scribd.com/doc/211956/Briody-The-Iron-Triangle-Inside-The-Secret-World-Of-The-Carlyle-Group-2003

In an online book called the iron triangle, unisys ended up the only company in the investigation to pay back millions and to be disgraced. Caryle tried to buy it but their investors refused and Unisys went public.

I can't find anything after that so I'm not sure if they later bought Unisys or not.

outsourcing to China and India

they are fools