Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, August 16, 2013

Hackers break into Energy’s computer networks, put employees at risk

“Individual notifications to affected current employees will begin no later than this Friday, Aug. 16, and will be completed by Aug. 30,” stated an internal Energy Department email sent to employees earlier this week, which was obtained by Federal News Radio. “While a significant number of employees whose information may have been affected may no longer be employed by the department, it will be necessary to obtain current contact information in order to notify these personnel. DoE told employees it is working with federal law enforcement agencies to find out more about the hacking incident, which happened at the end of July. In February, Energy said the attack disclosed employee PII, but didn’t offer any details of how many or which parts of the agency were affected.


In 2011, Energy’s lab went offline for almost two weeks after a cyber attack against the Northwest National Laboratory in Washington state limited Internet access and took down its website.

Auditors said Energy maintained a number of independent, at least partially duplicative, cybersecurity incident management capabilities that created inefficiencies in the process and security of the network.

Since the report, Energy CIO Bob Brese told Federal News Radio in December he’s trying to modernize the agency’s network in layers and start up a new security operations center.

Former Energy Chief Information Security Officer Gil Vega said in April Energy faced a zero day attack earlier this year and responded quickly because of the cyber threat intelligence coming from the coordination center.



Posted on 08/16