Government’s Credentials in Clear on the Open Web

July 16, 2015

8:00 pm

Recorded Future, a CIA-backed technology company has found logins and passwords for 47 government agencies strewn across the Web.

The presence of these credentials on the open web leaves these agencies vulnerable to espionage, socially engineered attacks, and tailored spear-phishing attacks against their workforce.

Image Credit: Flickr/photosteve101

Login credentials for nearly every federal agency have been posted on open Internet sites for those who know where to look. While some agencies employ VPNs, two-factor authentication, and other tokens to provide a safety net, many agencies lag behind as cited by the OMB report to Congress.

The company says logins and passwords were found connected with the departments of Defence, Justice, Treasury and Energy, as well as the CIA and the Director of National Intelligence. At the time of its analysis, the Department of Energy had the widest spread exposure with exposed email/password combinations for nine different domains. The Department of Commerce was the second hardest hit with seven domains suffering exposures.



Did you like this article?

Get more delivered to your inbox just like it!

Sorry about that. Try these articles instead!

Full Stack Marketer and entrepreneur, Dan is a tech enthusiast since childhood. His unconditional love for the code and startups forced this frenchi to move to the startup nation (Israel) for his studies. He's currently based in Tel Aviv seeking the big idea of tomorrow. Follow him on Twitter : @Dan_Chetrit

Leave a Reply

  • (will not be published)