Krebs on Security has A great story about domain access that gives away the destination for boys ( and a few girls no doubt) who want porn, and get it through a government computer. The article has specifics on a number of government agencies that do that on a regular basis.
This story shocked me, not because people were still accessing porn from government sites, but because the government offices had not caught them at it and corrected the behavior. It used to be a common discovery in our intrusion detection systems, at least once a week. We gave these to agency security officers who dealt with it. We did find out that a large part of our porn problem came from inside the network and shut that down through prosecution. After that, it dropped down to every other month. People in our organizations knew they were being monitored and used their own systems after that. That tells me something about the new networks. Just from my own observations, I wonder what has happened to intrusion dectection. Insider threat should be solved by now since it is a mandatory requirement. What gives here? The auditors and the auditors of them are not doing much of anything, if simple things like porn site access cannot be stopped.
No comments:
Post a Comment