[ISN] Hacker Breached NOAA Satellite Data from Contractor’s PC

http://www.nextgov.com/cybersecurity/2014/07/hacker-breached-noaa-satellite-data-contractors-pc/89771/ By Aliya Sternstein Nextgov.com July 28, 2014 National Oceanic and Atmospheric Administration satellite data was stolen from a contractor’s personal computer last year, but the agency could not investigate the incident because the employee refused to turn over the PC, according to a new inspector general report. This is but one of the “significant security deficiencies” that pose a threat to NOAA’s critical missions, the report states. Other weaknesses include unauthorized smartphone use on key systems and thousands of software vulnerabilities. The July 15 report made public on Friday concentrates on information-technology security problems at NOAA’s National Environmental Satellite, Data, and Information Service. NOAA is part of the Commerce Department. During the 2013 incident, “an attacker exfiltrated data from a NESDIS system to a suspicious external IP address via the remote connection established with a personal computer,” wrote Allen Crawley, Commerce’s assistant IG for systems acquisition and IT security, referring to a dodgy computer address. […]