Tuesday, February 9, 2010

NSA.gov Hacked : Epic Fail

I usually dislike and disagree to people who deface websites to state whatever point they want to prove but this one is really an exception. The defacement happened last October 2009 and was kept silent from the general public. This simply proves the poor state of IT security from supposedly one of the most security-knowledgeable agency in the entire planet. How does this happen you may ask? The security industry itself is filled with pretenders with fancy resumes and certifications who actually know almost next to none when it comes to real-world security threats. Otherwise, how do you explain being compromised with an 8-year old exploit which any newbie hacker can readily do?

8 comments:

  1. How do I know this screenshot isn't fake?

    ReplyDelete
  2. He probably snapped the screenshot himself.
    U.S. government agencies are hopelessly inept at securing their systems and generally clueless about computing. So typically they will choose Microsoft platforms (and use fly-by-night contractors) for most projects and then it's probably just a matter a few days or weeks before they are cracked. These are just hunches based on suppositions ;)

    ReplyDelete
  3. if you look closely at the url :

    http://www.nsa.gov/applications/careers/recruit_events/index.cfm

    you would see the obvious traces of the attack if you are familiar with sql-based attacks that is. anyway, they have removed the page entirely but you can still see the original link to the removed paged if you look more closely to the left side.

    ReplyDelete
  4. Probably there's just something wrong with their database.

    ReplyDelete
  5. Such things happen. The information isn't that vital anyway.

    ReplyDelete
  6. The NSA didn't get hacked, their web hosting company did....they pay some company fifty bucks a month to host a bunch of pages at an offsite location...not truly a "FAIL", but embarassing nonetheless..

    ReplyDelete
  7. NASA needs to improve its security and they need to bring a Hacker to its team. They know how to enter system so they know how to stop people for entering there. The funny thing when someone hacks a page it is the they add funny content like nudes, jokes or even links to Generic Viagra.

    Viagra Online Cheap Viagra

    ReplyDelete
  8. The first part of starting any new site is picking the niche you want it to be in hotel marrakech. My biggest criteria for this case study was finding a niche that should be fairly easy to get some traction in rapidleech servers, so I went for something pretty obscure pnr status. I don’t know how much money is here, so I’m taking a chance therescrapebox. But all techniques stay the same adwords coupon.

    ReplyDelete

Certified Ethical Hacker Network Security Internet Security Computer Security Wireless Network Security