Source: National Cyber Security – Produced By Gregory Evans
New research indicates that the login credentials of government employees have been online for years. Threat intelligence company Recorded Future just released a bombshell report indicating that these credentials are associated with 47 US government agencies. This data was discovered in plain sight, on what are called paste sites such as Pastebin. A credential is generally an email address tied with a password. So, this discovery means that a government email and password unit were openly posted by potential hackers. According to Recorded Future analyst Scott Donnelly, these findings are bad for a few reasons. For one, it means that government employees are using their work email address on insecure sites — leaving them wide open to hackers if any of those websites is compromised. Worse, many government agencies don’t employ proper login safeguards like two-step authentication, which can require employees to verify any new login attempts with the goal of preventing hacking attempts. In fact, 12 of the 47 agencies tied to these credential dumps do not use two-step authentication standards, which has become a security must-do. Coupling this with that fact that over 50% of all internet users reuse their passwords, it’s likely that government networks are hacked […]
For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com
The post A research company discovered the login credentials from 47 government agencies just sitting in plain sight on the internet appeared first on National Cyber Security.
View full post on National Cyber Security