By 2/9/16 12:01 AM –
A hacker claimed this week to have stolen 200 gigabytes of sensitive government information, including personal details about 30,000 employees at the Department of Homeland Security and FBI.
How did he do it? When his initial attacks failed, he posed as a confused government employee and called the agency’s customer service line. They proved very helpful, immediately providing him with a valid token code. This frequently-changing access code is supposed to improve security, because employees are only able to obtain it through a government-issued device they’re meant to carry with them. But token codes aren’t much protection when people give them out to strangers over the phone.
Having defeated their own security system, customer service let the hacker help himself to up to a terabyte of information through a Department of Justice computer.
This sort of story might have seemed hard to believe a year ago. But today, it is par for the public course. The federal government, with its annual budget of $3.8 trillion and civilian workforce of more than 2 million, is the biggest and best-funded entity in the known universe. It is also hopelessly incompetent to perform many of its multitudinous functions. One of its special incompetencies is protecting sensitive data, on which it nevertheless spends a staggering $80 billion per year.