In Congress, a call to review internal cybersecurity policies – washingtonpost.com
| November 2nd, 2009In Congress, a call to review internal cybersecurity policies – washingtonpost.com.
It’s not so nice when it happens to “Them”!!!
“The ethics committee operates in secrecy and has its own policy governing the handling of materials involving investigations. Under committee protocols, material generated by the panel is supposed to be stored in secure areas that are not accessible to anyone other than committee staff members. That goes for computer files and printouts of committee documents.”
The article goes on to describe how the members of Congress who were under investigation responded, and how shocked everyone was that the data was “at large”.
The laughable part, is that it was disclosed by a P2P application that was installed on a “Junior Member” of the Ethics committee. I guess the Government doesn’t follow the same guidelines that the Commercial world does…
In the breach, the report was disclosed inadvertently by a junior committee staff member, who had apparently stored the file on a home computer with “peer-to-peer” software, congressional sources said. The popular software allows computer users to share music or other files and is easily available online. But it also allows anyone with the software on a computer to access documents of another user without permission, as long as the users are on a file-sharing network at the same time.
Now I have to question, how much more data was released? What else was on this member’s shared folders?
It’s time that people wake up and smell the coffee… we’ve been PREACHING about these types of weaknesses, there are hundreds of products that can prevent these types of breaches, and what is being done about it?
Apparently, nothing. Thanks everyone… it’s been fun… I’m going to bake some biscuits.
