1:23 PM, Oct 4, 2013 • By JERYL BIER
A portion of the website of the Substance Abuse and Mental Health Services Administration (SAMHSA) was apparently hacked as long as two months ago. SAMHSA is an agency of the Department of Health and Human Services (HHS). HHS also runs the new Obamacare insurance marketplace, Healthcare.gov.
Dozens of pages hawking retail merchandise have been uploaded to the SAMHSA site, ranging from NFL jerseys to Ugg shoes to Armani fragrances. Screen captures of the various pages are shown here:
Clicking on the pages in some cases takes users directly to an external website; other times, certain functions seem to operate within the samhsa.gov site. Of the websites investigated, two domains are registered in the United States and one in China.
All of the instances uncovered by this investigation are under the sub domain nace.samhsa.gov, which is the Native American Center for Excellence. The first breach discovered dates back to July 29 of this year, and the unauthorized pages are still on the site.
In September, a portion of NASA's website was hacked by a Brazilian group protesting reports of spying in that country by the National Security Agency.
UPDATE: Shortly after this story was posted, the site nace.samhsa.gov returned an error message saying that the site could not be found. Later, the following message appeared on the site (misspelling included): "This site is undgoing maintenance. We are sorry for any inconvenience this has caused you." Here's a current screen capture:
While clicking on the original links in the story above return "file or directory not found" messages, at least one of the pages is available via a Google cache here showing how the page appeared as of October 3. A Google search of the site still turns up dozens of links to other pages from the hacking. The "undergoing maintenance" message on the SAMHSA website comes in spite of the fact that many government websites have been shuttered or severely limited due to the ongoing federal government shut down.
11:02 AM, Aug 27, 2013 • By DANIEL HALPER
Senator Mary Landrieu, a Democrat from Louisiana, is making the case that some "cyber" jobs need to be moved away from the Washington, D.C. area -- and to Louisiana, where those people might be physically safer.
“Those jobs can’t all be based inside Washington, D.C., and Arlington, Va.,” she explained to a local paper. "Some of those jobs need to be located outside the blast zone."
Landrieu did not explain what blasts she expects to hit the Washington, D.C. area, or when those blasts might hit.
12:00 AM, Jun 15, 2013 • By IRWIN M. STELZER
Chinese president Xi Jinping and U.S. President Barack Obama doffed their ties, rolled up their sleeves (well, at least Obama did), and even took the now-obligatory stroll around the Sunnylands Estate in Rancho Mirage, California, in the manner of Eisenhower and Khrushchev at Camp David, and Reagan and Gorbachev in Switzerland. This enabled the leaders to “establish and deepen their personal relationship,” according to Tom Donilon, Obama’s national security adviser at the time of the meeting.
10:32 AM, Jun 3, 2013 • By KEN JENSEN
Over the past few weeks things cyber have blown up in our faces once again. While some of the media noticed, the gist of the reporting was on who was doing what to us now, not the growing scandal of our essentially supine reaction to it.
11:11 AM, Jun 1, 2013 • By DANIEL HALPER
Defense Secretary Chuck Hagel had some words about the cyber threat from China while speaking today in Singapore. But a Chinese general, in the room for the speech, immediately responded by saying, "China is not convinced."
"Even as we seek to uphold principles in well-established areas, we must also recognize the need for common rules of the road in new domains," Hagel said, according to an official transcript of his remarks.
1:21 PM, May 13, 2013 • By KEN JENSEN
On May 6, the media was full of warnings about an immediately pending cyberattack called “OpUSA.” Homeland Security said “The attacks will likely result in limited disruptions and mostly consistent of nuisance-level attacks against publicly accessible web pages and possibly data exploitation.”
9:07 AM, Mar 8, 2013 • By KEN JENSEN
Since the hacking of the New York Times, the Wall Street Journal, the Washington Post, etc., and the Mandiant revelations about China’s PLA Unit 61398, the media and Internet have exploded with talk of our reaching a “tipping point” in cybersecurity (or not, depending on the point of view). We’re, in fact, long past the “tipping point”: what Mandiant had to say about Chinese hacking was actually old news to those who follow things cyber.
9:16 PM, Feb 12, 2013 • By DANIEL HALPER
At tonight's State of the Union Address, President Obama will announce that he has signed a cyber security executive order.
Webcraft as spycraft.Jun 11, 2012, Vol. 17, No. 37 • By JONATHAN V. LAST
Last April, the Iranian Oil Ministry and the National Iranian Oil Company noticed a problem with some of their computers: A small number of machines were spontaneously erasing themselves. Spooked by the recent Stuxnet attack, which had wrecked centrifuges in their nuclear labs, the Iranians suspected a piece of computer malware was to blame. They went to the United Nations’ International Telecommunications Union and asked for help.
3:05 PM, Jun 1, 2012 • By DANIEL HALPER
Elliott Abrams is rightly and eloquently outraged about this morning's New York Times article, which features Obama administration officials discussing sensitive and classified national security matters, for the sake of making the president look tough. The leakers—none of whom "would allow their names to be used because the effort remains highly classified, and parts of it continue to this day"—did no favor to our national security, or to efforts to stop Iran's nuclear program.
11:28 AM, Jun 1, 2012 • By WILLIAM KRISTOL
From the Washington Post: "Asked Thursday whether he could envision a situation in which the United States would take military action in Syria without U.N. authorization, Defense Secretary Leon E. Panetta said, 'No, I cannot envision that because, look, as secretary of defense, my greatest responsibility is to make sure when we deploy our men and women in uniform and put them at risk, we not only know what the mission is, but we have the kind of support we need to accomplish that mission.'"
4:02 PM, Oct 7, 2011 • By DANIEL HALPER
Noah Shachtman reports for Wired that "A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other warzones."
5:13 PM, Oct 26, 2010 • By KELLEY CURRIE
In the Washington Post yesterday, Jackson Diehl had a column on the failure of the State Department to provide funding to something called the Global Internet Freedom Consortium, a collection of providers of gizmos that can circumvent firewalls constructed on the Internet by repressive regimes.
The U.S. still needs a plan to counter jihadist web sites.12:50 PM, Sep 30, 2010 • By THOMAS JOSCELYN
Congress's Subcommittee on Terrorism, Nonproliferation and Trade held a hearing yesterday to discuss the U.S. strategy, or lack thereof, for dealing with the proliferation of jihadist web sites. In addition to dozens of sites that are explicitly dedicated to spreading jihadist ideology, al Qaeda and other like-minded organizations have become increasingly adept at using social media and highly-trafficked web sites such as YouTube to spread their message.