In what must surely be a gigantic black eye, congressional investigators said on Monday that dozens of computers belonging to the Department of Homeland Security (DHS) have been compromised by hackers.
To add salt to the wound, a government contractor hired to protect the DHS computers instead tried to hide the incidences from the department.
In a written statement by Democratic Reps. Bennie Thompson of Mississippi and James Langevin of Rhode Island:
The results of our [committee] investigation suggest that the department is the victim not only of cyber attacks initiated by foreign entities, but of incompetent and possibly illegal activity by the contractor charged with maintaining security on its networks.
We know where it [the information] was taken from, but we don't know what was taken. We only know how many megabytes was taken," the staff member said. "Everything was on the LAN A, which was an unclassified network. To the best of our knowledge there was no classified information [taken].
The implicated contractor was not specifically named in the statement, though a committee staffer identified it as Unisys Corp. Unisys Corp has a $1 billion contract to safeguard DHS computers.
To read more:
- Unisys blamed for DHS data breaches (The Register)
- Unisys denies stonewalling DHS officials (eWeek)
- Investigators: Homeland Security computers hacked (CNN)
Does your company outsource the management (not necessarily security-wise) of internal computers to an external provider? What have your experiences been like with such contractors?
————————————————————————————————————————Stay on top of the latest tech news
Get this news story and many more by subscribing to our free IT News Digest newsletter, delivered each weekday. Automatically sign up today!
Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.