UPDATED 16:10 EST / JULY 18 2011

How the Pentagon Hack May have been a Result of an E-mail Scam

Deputy Defense Secretary William J. Lynn III admitted in a Cybersecurity keynote last week that hackers managed to steal over 24,000 Pentagon files, most likely from a defense contractor. He did not disclose a lot of details about the incident, but hinted towards “foreign introducers” that managed to get their hands on “satellite communications systems, and network security protocols” among other things.

This story leaves a lot of room for speculation, and Nick Percoco, digital security expert and SVP at Trustwave’s SpiderLabs, said in an interview with Fast Company that he may have an idea as to what went down: an e-mail scam sent to a staff member of a given defense contractor.

“If you wanted to steal data like this, you could start by targeting a particular employee via email–“We’ve seen this happen to defense contractors,” Percoco notes. “Using technology like Google, and LinkedIn and other social networks” hackers could find out who best to target.”

That employee may be a senior executive, or a network administrator. Once the hacker obtained that individual’s email, they would have to gain access to a zero-day exploit of a program that is most likely installed on their work laptop, Peroco said. According to him, after that the hackers would just need to send an official-looking email from an official-looking address to that person as early in the morning as possible.

The pentagon hacking is one of the most alarming incidents so far, but it’s one case in a long list of breeches one we’ve been hearing about this year. Data about RSA’s SecurID token was obtained by hackers a few months ago, an incident most likely related to the attacks on the networks of at least two government contractors: Lockheed Martin and Northop Grumman.  Many have been paying attention to all this activity, including Sen. John McCain, who is now seeking to form a specialized committee to investigate these attacks.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU