July 16, 2015
Recorded Future, a CIA-backed technology company has found logins and passwords for 47 government agencies strewn across the Web.
The presence of these credentials on the open web leaves these agencies vulnerable to espionage, socially engineered attacks, and tailored spear-phishing attacks against their workforce.
Image Credit: Flickr/photosteve101
Login credentials for nearly every federal agency have been posted on open Internet sites for those who know where to look. While some agencies employ VPNs, two-factor authentication, and other tokens to provide a safety net, many agencies lag behind as cited by the OMB report to Congress.
The company says logins and passwords were found connected with the departments of Defence, Justice, Treasury and Energy, as well as the CIA and the Director of National Intelligence. At the time of its analysis, the Department of Energy had the widest spread exposure with exposed email/password combinations for nine different domains. The Department of Commerce was the second hardest hit with seven domains suffering exposures.
Did you like this article?
Get more delivered to your inbox just like it!