April 20, 2024

You are here: Home / Archives for confidential information

Hacking of White House E-Mail Affected Diverse Departments

June 4, 2011 by Leave a Comment

WASHINGTON — The computer phishing attack that Google says originated in China was directed, somewhat indiscriminately, at an unknown number of White House staff officials, setting off the Federal Bureau of Investigation inquiry that began this week, according to several administration officials.

It is unclear how many White House staff members — or those of other departments in the executive branch — might have been affected, according to two officials with knowledge of the investigation. But the intended victims ranged across various functions in the White House, and were not limited to those working on national security, economic policy or trade areas that would be of particular interest to the Chinese government.

Administration officials said they had no evidence any confidential information was breached, or even that many people fell for the attack by providing information that would allow a breach of their Gmail accounts.

White House classified systems run on dedicated lines and information on those systems, the officials said, cannot be forwarded to Gmail accounts. But investigators were trying to determine if the attackers believed that some staff members or other officials used their personal e-mail accounts for confidential government communications.

“Right now,” said one senior official, “that’s a theory, not a fact.”

Google disclosed the attack this week and said that it was directed at not only American government officials, but also human right activists, journalists and South Korea’s government. Google tracked the attack to Jinan, China, which is the home to a Chinese military regional command center.

But that does not necessarily mean the attackers were Chinese or related to the government. The Chinese government denied any involvement.

The attack used e-mails that appeared to be tailored to their victims, the better to fool them, a technique known as spear phishing. Recipients were asked to click on a link to a phony Gmail login page that gave the hackers access to their personal accounts.

The attacks come as the United States government considers expanding its use of Web-based software for e-mail, along with word processing, spreadsheets and other kinds of documents. Google is one of the many companies vying for the business with its Apps product, as is Microsoft.

Web based e-mail would be vulnerable to hackers who steal login information through phishing attacks. But Web-based systems are not necessarily any easier to hack than traditional e-mail, which a government agency would usually manage using its own servers, said Larry Ponemon, chairman of the Ponemon Institute, a computer security firm in Traverse City, Mich.

Jay Carney, the White House press secretary, said on Thursday that all White House-related electronic mail was supposed to be conducted on work e-mail accounts to comply with the Presidential Records Act, which governs how those communications are protected and archived. Mr. Carney said there was no evidence that any White House accounts were compromised.

White House employees are permitted to have private e-mail accounts, he said, but cannot use them for work purposes.

Officials at the White House and other agencies often keep two computers in their offices, one for unclassified work and another for classified. Senior officials sometimes have a “secure facility” in their homes, in which computers and telephones are on dedicated lines and communications are encrypted.

Given its size, Google and its Gmail system will always make an attractive target.

Other personal e-mail services, including Yahoo and Microsoft’s Hotmail, have faced similar attacks, according to Trend Micro, a computer security company in Cupertino, Calif. “The types of attacks that are happening against Web mail users aren’t confined to Gmail alone and extend to other e-mail platforms,” said Nart Villeneuve, a senior threat researcher for Trend Micro.

Article source: http://www.nytimes.com/2011/06/04/technology/04hack.html?partner=rss&emc=rss

Filed Under: Global Business Tagged With: , ,

Wal-Mart Security Suit Seeks Oklahoma’s Help

May 26, 2011 by Leave a Comment

Mr. Gabbard has been on the run ever since, pursued by Wal-Mart’s lawyers, who claim he took a trove of company documents with him when he left. A corporate fugitive, he fled Wal-Mart’s home state of Arkansas and has not returned because a state judge has ordered he be arrested on sight and questioned under oath about whether he pilfered documents.

Now Wal-Mart has filed suit in Oklahoma — where Mr. Gabbard has moved — seeking to enforce the Arkansas judge’s order. Mr. Gabbard’s lawyers say the motion amounts to an attempt to have their client arrested and brought back to Arkansas, which would be highly unusual in a civil dispute.

Wal-Mart officials deny they want Mr. Gabbard physically detained — the order to arrest him has no legal weight outside Arkansas, they admit — but they are asking the Oklahoma court to require him to return internal corporate documents they say he has. They also say Mr. Gabbard posted Wal-Mart documents on a Web site he controls as recently as last week.

“We have credible evidence that Mr. Gabbard copied Wal-Mart files before returning them to the company, and he revealed this month that he still retains Wal-Mart’s confidential information,” said Greg Rossiter, a Wal-Mart spokesman. “All we are asking is that Mr. Gabbard comply with the court’s order requiring that he turn over confidential files.”

Mr. Gabbard maintains he did comply with the court order in April 2007, handing over all the documents he had at the time, including those on his desktop computer, several hard drives and a raft of other digital storage devices.

“I brought everything and surrendered it to Wal-Mart,” he said in an interview this week.

But Mr. Gabbard’s lawyers say he later came into possession of another batch of internal Wal-Mart documents, after he had been fired and after a court order in 2008 prohibiting him from revealing trade secrets. They argue those documents, which support his claim that he was wrongly terminated, are not covered by the court’s order.

Wal-Mart officials say those are questions for Judge John R. Scott in Bentonville, Ark., to decide. For two years, they complain, Mr. Gabbard has flouted the judge’s order to appear in court and to hand over company documents in his possession.

David Massey, a lawyer representing Mr. Gabbard pro bono, says his client believes he cannot get a fair hearing in Bentonville, home to Wal-Mart’s corporate headquarters. Mr. Massey says the Arkansas court denied his client due process when it held Mr. Gabbard in contempt two years ago.

Mr. Gabbard was unemployed and living in South Carolina when he received notice of the hearing, just three days before it was to take place, Mr. Massey said. The judge held the hearing without him, decided in Wal-Mart’s favor, then ordered the local sheriff to arrest Mr. Gabbard on sight for contempt of court. The ruling also ordered Mr. Gabbard to disclose all the documents he had, along with the names of everyone he had communicated with since January 2007.

“He’s scared to death to go back to Wal-Mart’s home court,” Mr. Massey said.

Mr. Gabbard, a 48-year-old former Marine, was fired after Wal-Mart discovered he had taped telephone conversations between a New York Times reporter and members of the company’s public relations staff. Mr. Gabbard, a computer security expert, has maintained he was a fall guy. His superiors knew he was monitoring phone calls, he says, and had encouraged him to find the leak to the newspaper. Wal-Mart says he acted alone.

After his dismissal, Mr. Gabbard embarrassed the retailer, telling The Wall Street Journal he was part of an elaborate operation that snooped on employees, stockholders and company critics. Wal-Mart also accused him of leaking trade secrets to the news media, including a plan to increase the retailer’s stock price called “Project Red.”

Article source: http://feeds.nytimes.com/click.phdo?i=9aaee77d238f0aa9e3a765a3582d8711

Filed Under: Business News Tagged With: , ,