Author |
FEMA phones hacked; calls made to Mideast, Asia |
Fatal Rocko Willis Fleet Admiral Fatal Squadron
Joined: March 01, 2003 Posts: 1336 From: Kentucky
| Posted: 2008-08-21 08:16  
WASHINGTON - A hacker broke into a Homeland Security Department telephone system over the weekend and racked up about $12,000 in calls to the Middle East and Asia. The hacker made more than 400 calls on a Federal Emergency Management Agency voicemail system in Emmitsburg, Md., on Saturday and Sunday, according to FEMA spokesman Tom Olshanski.
FEMA is part of Homeland Security, which in 2003 put out a warning about this very vulnerability. The voicemail system is new and recently was installed. It is a Private Branch Exchange, or PBX, a traditional corporate phone network that is used in thousands of companies and government offices. Many companies are moving to a higher tech version, known as Voice Over Internet Telephony.
This type of hacking is very low-tech and "old school," said John Jackson, a St. Louis-based security consultant. It was popular 10 to 15 years ago. Telecommunications security administrators now know to configure security settings, such as having individual users create unique passwords and not continue to use the password assigned to users in the initial setup.
"In this case it's sort of embarrassing that it happened to FEMA themselves — FEMA being a child of DHS, with calls going to the Middle East," Johnson said. Afghanistan, Saudi Arabia, India and Yemen are among the countries calls were made to, Olshanski said. Most of the calls were about three minutes long, but some were as long as 10 minutes.
Sprint caught the fraud over the weekend and halted all outgoing long-distance calls from FEMA's National Emergency Training Center in Emmitsburg. FEMA's chief information officer is investigating who hacked into the system and where exactly the calls were placed to. At this point it appears a "hole" was left open by the contractor when the voicemail system was being upgraded, Olshanski said. Olshanski did not know who the contractor was or what hole specifically was left open, but he assured the hole has since been closed.
In 2003, Homeland Security and the FBI investigated multiple reports about private industry being breached by these types of hackers. "This illegal activity enables unauthorized individuals anywhere in the world to communicate via compromised U.S. phone systems in a way that is difficult to trace," according to a department information bulletin from June 3, 2003.
_________________
|
Junky Da FunkyMonke Admiral
Joined: May 14, 2007 Posts: 347 From: The Hotel California, takes excursions to Deep Sexys Space every now and then
| Posted: 2008-08-21 16:23  
lol and did any notice the "Voice Over Internet Telephony?"
_________________
|
$yTHe {C?} Grand Admiral Sundered Weimeriners
Joined: September 29, 2002 Posts: 1292 From: Arlington, VA
| Posted: 2008-08-21 17:02  
That's what it's called.
_________________
|
kenetiks Admiral Galactic Navy
Joined: November 21, 2001 Posts: 1130 From: Bandcamp
| Posted: 2008-08-21 18:03  
These types of things have been going on for years. It's not the first time the federal government has been embarrassed by a simple misconfiguration. It is typical of federal contract work especially. Most people barely remember when the internet was just becoming popular and the feds were bridging a lot of their systems onto the internet for ease-of-use and not really paying attention to the default accounts that were still active. For instance, a lot of nix based systems had guest accounts that could be used to run arbitrary code. A bunch of other bungles as well.
Nimba and Code Red breached internal banking systems, most government level's systems. Comprimised millions of machines.
_________________
|
Little Pet Slinki Admiral
Joined: April 16, 2006 Posts: 836 From: United Kingdom, South West.
| Posted: 2008-08-21 18:06  
Quote:[/small]
|
On 2008-08-21 16:23, Junky Da FunkyMonke wrote:
lol and did any notice the "Voice Over Internet Telephony?"
|
|
In telecommunication, telephony (pronounced /təˈlɛfəni/ or teh-LEH-fuh-nee) encompasses the general use of equipment to provide voice communication over distances, specifically by connecting telephones to each other.
Edit: Seems a simple mistake to make? Although you'd think someone would've stepped up and said something
[ This Message was edited by: Grantham on 2008-08-21 22:09 ]
_________________
|
Xpli$it Marshal
Joined: March 06, 2004 Posts: 486 From: Canada
| Posted: 2008-08-21 19:35  
Quote:[/small]
|
On 2008-08-21 18:06, Grantham wrote:
In telecommunication, [i]telephony]/i] (pronounced /təˈlɛfəni/ or teh-LEH-fuh-nee) encompasses the general use of equipment to provide voice
Edit: Seems a simple mistake to make? Although you'd think someone would've stepped up and said something
|
|
Your editing skills fail.
Edit: So do mine.
[ This Message was edited by: Xpli$it on 2008-08-21 19:36 ]
_________________
|
doda *EP5 no longer exception...* Grand Admiral
Joined: December 11, 2005 Posts: 1012 From: happy land
| Posted: 2008-08-21 21:45  
Quote:
|
On 2008-08-21 18:06, Grantham wrote:
Quote:[/small]
|
On 2008-08-21 16:23, Junky Da FunkyMonke wrote:
lol and did any notice the "Voice Over Internet Telephony?"
|
|
(pronounced /təˈlɛfəni/ ...[ This Message was edited by: Grantham on 2008-08-21 18:07 ]
[/quote]
WAAAAA?
_________________ Please resize your Admin - signature
VCA since June 5th 06
|
|