You may recall my post: Cybersecurity Sprint or Multi-Year Egg Roll?.
Back in June 2015, the White house ordered all agencies via Chief Information Officer Tony Scott, a 30-day security sprint.
I must report that the FBI didn’t get the memo.
If you want to help the FBI with its security efforts, email or call them with a link to my earlier posting.
I say that because today it was confirmed that the 30-day security sprint is turning into a multi-year egg roll. My concluding question in that post.
I read today about Crackas With Attitude (CWA), hacking in the Joint Automated Booking System (JABS) (think FBI and law enforcement access only)
Swati Khandelwal reports in Hackers have Hacked into US Arrest Records Database:
The hacking group, Crackas With Attitude (CWA), claims it has gained access to a Law Enforcement Portal through which one can access:
- Arrest records
Tools for sharing information about terrorist events and active shooters
The system in question is reportedly known as the Joint Automated Booking System (JABS), which is only available to the Federal Bureau of Investigation (FBI) and law enforcement.
Today is November the 7th and as I track time, we are way past Tony Scott’s 30-day security sprint.
I did check and Tony Scott is still the Chief Information Officer for the United States and recently blogged about federal agencies using strong authentication over 80% of the time.
I guess that information resources like Joint Automated Booking System (JABS) must not be high enough priority to qualify for strong authentication.
Or perhaps Crackas With Attitude (CWA) have broken what the FBI considers to be strong authentication.
Maybe Crackas With Attitude (CWA) will dump raw data to the Dark Web from their hack. Give everyone a chance to see what the FBI considers to be low-value data.