Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Lessons for CSOs in Snowden exploit of NSA networks

Antone Gonsalves | Dec. 18, 2013
Snowden used other employees' passwords, hacked firewalls to enter classified systems.

While the technology holds promise, it's not quite ready for the enterprise, Coleman said. "It hasn't, in my opinion, been proven yet to the point where I would be willing to say it's a ready-for-primetime technology."

Snowden using other people's passwords to access classified networks did not surprise experts. Many corporate employees, including IT staff, share passwords with people in their own department.

Within an IT department, a system administrator will sometimes share his password with people who need access to servers, Paul Martini, chief executive of network security company iboss, said.

Putting stricter policies in place that prevent password sharing, particularly for accounts held by administrators, would improve security, Martini said. Another best practice would include compartmentalizing the network, and giving people access only to the areas that they need to be in to do their job.

"It seems obvious, but not every IT personnel, even at the higher level, should have access to certain passwords or (critical) systems," Martini said.

Technically speaking, experts did not believe Snowden had hacked any firewalls to enter certain parts of the NSA system, as reported by The Times.

Instead, Snowden might have found an open port going through a firewall or broke into a network that was trusted by another network, Ron Gula, chief executive officer of Tenable Network Security, said.

"It's very unlikely that he broke into a firewall and then perhaps configured the firewall to give him access," Gula said. "It was much more likely he just found a port to talk to a server on the other side of that firewall."

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.