Monday, December 23, 2024
Monday, December 23, 2024

Pentagon investigating server exposed to public

Must read

John Furner
John Furnerhttps://dailyobserver.uk
Experienced multimedia journalist with a background in investigative reporting. Expert in interviewing, reporting, fact-checking, and working on a deadline. Excel at cinematic storytelling and sourcing images, sound bites, and video for multimedia publication. Work well with photographers and videographers when not shooting his own stories, and love to collaborate on large, in-depth features.

The Daily Observer London Desk: Reporter- John Furner

The Defense Department is digging into a computer server that a cybersecurity researcher discovered exposed a trove of internal U.S. military emails.

Navy Cmdr. Jessica McNulty, a Pentagon spokeswoman, said the department’s chief information officer and the Joint Force Headquarters-Department of Defense Information Network were investigating the matter to “understand the root cause of the exposure and why this problem was not detected sooner.”

She said in a statement Thursday night that the affected server was removed from public access on Feb. 20 and the Defense Department would notify personnel affected by the incident.

“DoD takes this matter very seriously and will incorporate all lessons learned from this event to strengthen its cybersecurity posture,” Cmdr. McNulty said.

Mr. Sen said he identified the exposed server during a routine check. He said a likely human error meant the server was not password-protected and those who knew where to look would have had access after a misconfiguration occurred two weeks ago.

Precisely who had access to the exposed data is not fully known, nor the precise number of internal military communications contained in the server.

“Due to its large size it was harder to get the exact counts of emails but there were a lot,” Mr. Sen said in a message.

Mr. Sen said he discovered the problem on Feb. 18 and turned that same day to the tech publication TechCrunch, which then alerted the U.S. government. He said he did not go directly to the U.S. government because he feared it may wrongly view him as a threat.

Mr. Sen had previously collaborated with TechCrunch’s Zach Whittaker, who has written that Mr. Sen is a “good-faith security researcher.”

Mr. Whittaker wrote that he contacted the U.S. government on Feb. 19, and he later heard from the U.S. Special Operations Command that no one had hacked SOCOM’s information systems.

Regarding whether the human error was attributable to Defense Department or Microsoft personnel, Mr. Sen said an internal review of the government’s logs ought to clarify who bore responsibility.

Microsoft declined to comment this week and referred questions to the Department of Defense. The company did not immediately respond to questions Friday.

Hackers have previously used problems with Microsoft’s tech to create headaches for the Big Tech company’s customers. Microsoft Exchange Server software came under attack from the China-sponsored group Hafnium, Microsoft said in March 2021.

The Biden administration later pointed to China’s Ministry of State Security as being responsible for the attacks aimed at Microsoft Exchange Server email software. The U.S. government and several other countries formally attributed the cyberattacks to China in the summer of 2021.

John Furner
John Furnerhttps://dailyobserver.uk
Experienced multimedia journalist with a background in investigative reporting. Expert in interviewing, reporting, fact-checking, and working on a deadline. Excel at cinematic storytelling and sourcing images, sound bites, and video for multimedia publication. Work well with photographers and videographers when not shooting his own stories, and love to collaborate on large, in-depth features.

PLACE YOUR AD HERE

- Advertisement -spot_img

More articles

PLACE YOUR AD HERE

- Advertisement -spot_img

Latest article

John Furner
John Furnerhttps://dailyobserver.uk
Experienced multimedia journalist with a background in investigative reporting. Expert in interviewing, reporting, fact-checking, and working on a deadline. Excel at cinematic storytelling and sourcing images, sound bites, and video for multimedia publication. Work well with photographers and videographers when not shooting his own stories, and love to collaborate on large, in-depth features.