[tahanteada]

Jäi silma tore vaidlus turvateemadel, ehk pakub kellelegi huvi.

U.S. Navy: “I Thought the Other Guy Was Doing Security”
The Wall Street Journal reported this week that security holes exploited by suspected Iranian hackers existed because of “a poorly written contract with computer-services provider Hewlett-Packard.” Under the terms of the contract, H-P wasn’t required to secure the Navy Department databases. But the Navy, under the mistaken assumption that the computer company was the sentry at the gates, didn’t assign personnel to oversee security for the databases. The lapse made the computer network ripe for the picking. How ripe? So much so, an unnamed source told WSJ that restoring the Navy network took four months and cost about US $10 million. The source, a senior defense department official said that “after the Iranian hack, the Navy took stock of its security efforts and drew up a list of 62 security issues…Some [will] cost more than $100 million and may require asking Congress for permission to redirect funding.”

Though it’s clear that, in the parlance of politicians, mistakes were made, everyone currently or recently in charge is being spared the indignity of being blamed for this massive screw-up. The unnamed defense official said the comedy of errors was based on “decisions made years ago as to what the Navy network structure should be and what kind of risk it was comfortable taking.” Because the contract was first awarded in 2000 and last updated in 2010, Vice Admiral Michael Rogers, who served as the Navy's cyber chief in 2011 and oversaw the cleanup, has been able to sidestep blame for the cock-up as Congress prepares to vet him for the role of director of the National Security Agency.
Edasi lingil:
http://spectrum.ieee.org/riskfactor/telecom/security/us-navy-i-thought-the-other-guy-was-doing-security