Are they reporting what is a mis-identification of automated vulnerability scanning?
We've been talking for weeks now about how NSA continually weakens the US by attacking encryption and infrastructure - and nobody is actually helping tighten our networks.
Could it be that DHS has some mandate to scan government networks?
I'm shocked that this story seems to be upvoted less than the Gimli Glider story which has been on the front page for more than a day.
One would think that the recent allegations of Russian hacking [0], as well as these allegations, would be of interest to the HN community. Whether either of the allegations is well-founded or not, they need to be investigated and understood by the public.
It's worth noting that the President spent a great deal of his final press conference discussing the Russian hacking issue [1].
Could be part of it. Also, election fatigue. The 2016 election has dominated every news cycle for more than a year. Everybody is just plain tired of it, for better or worse.
my bet is on an assessor mis-scanning an ip range during a scheduled network assessment. having been in those trenches, this is how it was firmly explained to me every week when tasks were delegated: "double and triple-check all your target ip addresses. we don't want someone outside the network complaining about a scan, that's a reportable incident and makes us look like douches when we are trying to get new business with the fed client."
Readit News
We've been talking for weeks now about how NSA continually weakens the US by attacking encryption and infrastructure - and nobody is actually helping tighten our networks.
Could it be that DHS has some mandate to scan government networks?
a) DHS machines are compromised
b) They are just falsifying the IP
If DHS doesn't have approval/authority, isn't an automated vulnerability scan a cyberattack?
One would think that the recent allegations of Russian hacking [0], as well as these allegations, would be of interest to the HN community. Whether either of the allegations is well-founded or not, they need to be investigated and understood by the public.
It's worth noting that the President spent a great deal of his final press conference discussing the Russian hacking issue [1].
Why is this not bigger news, especially here?
[0] http://www.cnn.com/2016/12/19/politics/russian-election-hack...
[1] https://www.emptywheel.net/2016/12/18/obamas-response-to-rus...
http://thehill.com/policy/technology/310812-dhs-responds-to-...
Dead Comment