A CIA-backed startup discovered the US government's 47 login and access codes to move online, effectively leaving the federal agencies open to any attacker, or any stranger.
Η εταιρεία Recorded Future, από τη Βοστώνη είναι μια υπηρεσία εξόρυξης data που υποστηρίζεται από τα επιχειρηματικά κεφαλαία της CIA. Η εταιρεία δήλωσε ότι τα ανακάλυψε διαπιστευτήρια που ανήκουν σε 47 κυβερνητικές υπηρεσίες των ΗΠΑ σε 89 μοναδικά domains online.
The control ID cardTwo-factor authentication is an option offered by various online services, such as Facebook, Gmail, and PayPal, to increase personal security by providing a second layer of defense.
As passwords are no longer the most secure way to protect an account, connecting one mobile phone number in your account can be used to prevent an illegal entry.
However, since the beginning of 2015, 12 from the US services that have been infringed do not use the two-factor authentication security feature.
"The presence of these credentials on the Open Web leaves these services vulnerable to espionage, social engineering attacks, and custom spear-phishing attacks against their workforce," says Recorded Future.
Recorded Future used the Web Intelligence Engine, a machine “analytics” designed to look for “invisible connections” between content that refers to the “same or related things and events.”
The Web Intelligence Engine has scanned over 680.000 Web resources in multiple languages, and by linking the contexts and sources found the credentials belonging to government agencies.