Ride the Lightning

Forget the Expert Hackers: Worry About the IT Guy

October 20, 2014

The title is the essence of a Washington Post article highlighting the fact that mistakes made by IT personnel in setting up popular office software have made information about millions of Americans public on the Internet, including Social Security numbers of college students, the names of children in Texas and the ID numbers of intelligence officials who visited a port facility in Maryland.

Researchers say the problem has affected many hundreds of servers running popular Oracle software, exposing all kinds of data to hackers. Most of the institutions affected have been universities or government agencies, and of course they hold a wide range of information on individuals and private companies.

The UCLA Health system had communications records, including doctor’s names, e-mail addresses and phone numbers, visible online. The Pentagon’s Defense Information Systems Agency, which maintains secure military networks, exposed a contracting database appearing to show $164 million in purchases. Two Texas state agencies failed to protect the personal details of people receiving government services.

Again and again, according to the article, the problem isn't sophisticated hackers but our own system administrators making routine errors that leave data unsecured. Apparently, we are doing our best to make it easy to gather information which we mean to secure. Interesting reading, suggesting that our focus is often misplaced.

E-mail:    Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq