Tuesday, July 17, 2007

Military FTP sites

It's been reported that FTP file servers run by the military were discovered to be wide open, by reporters from AP, no less, allowing the download of maps of Iraqi military facilities, descriptions of security features and plans for infrastructure upgrades. The sites either had NO password protection (as if they should have been on publicly accessible FTP sites to begin with), or in one case, the password was included in another file on the server. If we are constantly losing the battle to secure sensitive data of national concern, how can we expect to win the real military battles being waged? This was not because of the techno kung-fu applied by uber hackers of malicious nation states, but because of simple sysadmin type negligence that should have gone the way of the dodo bird ten years ago. Maybe the solution is apply penalties in line with what this truly does, that is, put folks in harms way.

No comments:

Blog Archive