Unisys Investigated For Covering Up Cyber-Attacks
Stony Stevenson writes "Unisys, a major government IT contractor, is reportedly being investigated for failing to detect cyber-attacks, and then covering up its failings. Two US congressmen have called for an investigation into cyber-attacks aimed at the Department of Homeland Security, along with a contractor (that would be Unisys) charged with securing those networks. 'The House Committee on Homeland Security's investigations led them to believe the department is under attack by foreign powers, and could be at risk because of "incompetent and possibly illegal activity" by a US contractor. The congressmen didn't name the contractor in the letter. However, the Washington Post on Monday reported that the FBI is investigating Unisys, a major information technology firm with a $1.7 billion Department of Homeland Security contract, for allegedly failing to detect cyber break-ins traced to a Chinese-language Web site and then trying to cover up its deficiencies.'" Unisys denies it all.
Well... (Score:4, Insightful)
Re:Typical unisys (Score:3, Insightful)
Re:Typical unisys (Score:3, Insightful)
For reference, see SOX.
Re:Incompetence on both ends (Score:3, Insightful)
Security is actually the quest for the better mousetrap. The problem is, as soon as you have it, you get to face the better mouse and the race is on again.
Re:Damn (Score:3, Insightful)
Re:Stealing Unclassified Data? (Score:3, Insightful)
On the other hand, classified data can include material that people CAN find out from their own observation if they happen to be in the right place at the right time. Like whether a particular vessel is in a particular location... individual observations that aren't correlated aren't something that has been "stolen"... they just happen... but in bulk they become valuable and justify protection.
So whether something is a military or state secret is orthogonal to whether it's valuable or can be "stolen".
Re:Incompetence on both ends - Gov't BS (Score:3, Insightful)
"Sir, there appear to be attacks against our systems from China."
"Are you telling me that China is attacking us? Can you provide proof beyond a doubt that it is China attacking our systems? How did you detect this attack?"
"Sir, it shows up in the firewall and IDS logs."
"What are firewalls or IDS? Did you get that report done...blahblahblah that I asked for? Why are you looking at the logs when I need real work done? What is the status of project A, B, C? Go help fix a computer somewhere."
"Sir, should I not be looking at the logs?"
"What, are you stupid, did I TELL you to look at the logs? Go fix a computer or something."
So, you train a govt IT person in computer security and they get a CISSP and maybe a SANS cert or two. But, they have to continue working with people who won't allow them to use the knowledge. They're leaving.
Generally speaking, my experience is that many departments in gov't don't follow their own process or rules and they breed an air of idiotic compliance. Then fire the blame gun when a problem erupts.
I was told by a long-term employee when I asked how to survive in gov't so long... "for every situation, always have a putz lined up." Smart sysadmins in gov't learn that they will be the putz and leave.