Archive for October, 2014

White House Network Breached By Hackers

Wednesday, October 29th, 2014

 

The Washington Post reported that hackers believed to be working for the Russian government breached the unclassified computer networks in the White House within the past month.

 

There was no official statement from the White House, but officials spoke on the condition of anonymity to Post and confirmed that the breach had occurred and the investigation is ongoing. Officials say that there was no damage done, and stated that there was no evidence to suggest the White House’s classified network was hacked. Officials did not comment on the alleged identity of the hackers. According to the Post:

 

Recent reports by security firms have identified cyber-espionage campaigns by Russian hackers thought to be working for the government. Targets have included NATO, the Ukrainian government and U.S. defense contractors. Russia is regarded by U.S. officials as being in the top tied of states with cyber-capabilities.

 

It is also believed that Russian intelligence was behind an intrusion into the networks of the U.S. military in 2008, a breach which took months to contain and clean up.

 

There was minor disruption of regular services as White House staff dealt with the intrusion.

 

IT Security from DHA

 

From the White House to private enterprise, IT security is of the utmost importance. In a world where hacking and intrusions are inevitable, your organization’s networks must always be protected. External threats can compromise sensitive data and damage the integrity of your operation. DHA offers comprehensive IT support for civilian and federal agencies which includes IT security. From critical infrastructure protection to risk and vulnerability management, DHA can help keep your networks safe and secure.

 

White House network hack

An award-winning management consulting and contracting firm primarily serving federal, civilian and defense agencies, DHA group supports clients’ mission-critical work by delivering expert professional services. Follow us on FacebookLinkedInTwitter and Google+.

Source

http://www.washingtonpost.com/world/national-security/hackers-breach-some-white-house-computers/2014/10/28/2ddf2fa0-5ef7-11e4-91f7-5d89b5e8c251_story.html

 

The Benefits of IT Support from DHA

Friday, October 24th, 2014

 

In today’s business world, comprehensive IT solutions for large-scale operations are a necessity. Modern IT solutions are what enable businesses to remain competitive in the 24/7 world of international business. So how can firms leverage their IT towards this end? Contracting a third-party IT solution for your business gives your IT systems the edge that allows them to drive the growth of your business. Here’s what third-party IT support can do for you.

 

IT Security

 

At no time has the security of your IT been more important than now. Virtual threats are a constant in the digital age, which is why the support of an experience IT team is needed to keep your system safe in the face of these threats. DHA offers ISO, network and physical security, critical infrastructure protection, and risk and vulnerability management to ensure the security of your IT.

 

IT Services

 

IT services cover all of your IT needs. From website development to system administration, from data integration to system validation and verification testing, our comprehensive IT support covers every IT service you may need.

 

Data Hosting

 

Secure hosting of data is essential for any business. Equally as important as security is ease of access to this data. Our turn-key data hosting solutions emphasize both security and ease of access for those with credentials.

 

Telecommunications

 

Communications are another important component of an IT solution. With integrated telecommunications, including Enterprise Blackberry Deployment/Management, and SVTC, your business will always be able to communicate at the highest level.

 

third party IT solution

 

An award-winning management consulting and contracting firm primarily serving federal, civilian and defense agencies, DHA group supports clients’ mission-critical work by delivering expert professional services. Follow us on social media on FacebookLinkedInTwitter or Google+.

 

 

How Program Management from DHA Creates Results

Friday, October 17th, 2014

 

Large-scale programs require a comprehensive approach to management that is geared towards results. Each component of program management, from program governance, to infrastructure and planning is essential in ensuring that the program meets its goals. DHA offers strategic program management for your operation designed to meet the goals of your organization. From federal agencies to civilian enterprises, program management is essential for the success of your operation.

 

Program Management from DHA

 

Our comprehensive program management services cover every facet of your program. From strategic planning and conceptualization, to cost benefit analyses, to acquisition planning and management and deliverables review, we use our extensive experience in project management to create the results you need. We provide:

 

-Strategic Planning

-Configuration Management

-Schedule

-Risk Management

-Budget

-Expenditure Tracking

-Requirements Definition and Analysis

-Market studies and analyses

-Cost benefit analyses

-Mission needs statements

-Concepts of operations

-Statements of work and objectives

-Detailed technical evaluations of methods and products

-Contract strategies and acquisition planning

-Deliverables review and earn

 

Learn More About Program Management

 

Learn more about program management in our blogs.

 

-Learn how program governance works to align the many interests of a program into a unified vision.

-Learn how to the hierarchy of program management works to ensure a strategic approach.

-Learn how the financial needs of a program are managed relative to the goal of the program.

-Learn how the complex parts of a program are incorporated into the program’s infrastructure.

-Learn how program planning builds the program from the ground up and refines it into a smooth running operation.

 

 

program management infrastructure

 

An award-winning management consulting and contracting firm primarily serving federal, civilian and defense agencies, DHA group supports clients’ mission-critical work by delivering expert professional services. Follow us on social media on FacebookLinkedInTwitter or Google+.

HP Discloses Signed Malware Vulnerability

Friday, October 10th, 2014

certificateEarlier this week HP softly announced, via the release of several client advisories, that on Oct. 21, 2014, they will be revoking a digital certificate that HP had used in the past to sign certain software components that had shipped with many of their older products. HP announced that they were taking this step in response to malicious software that had been signed with the certificate 4 years ago, in 2010.

 

What is a Code Signature?

Code signatures are essentially digital seals of authenticity, unique and incredibly difficult to replicate strings of data that identify a piece of software as being a legitimate product of a specific company. They are used to both combat online software piracy, and to provide customers with the assurance that they are using a genuine product and not malware. Signed digital certificates are highly prized by hackers because they make it all the easier to fool unsuspecting users into believing a piece of malware to be an authentic product.

 

Is This A Serious Problem?

According to HP, no. Representatives of the company stated that the malware was traced back to a Trojan horse virus that had infected a staff member’s office computer and, through sheer chance, automatically renamed itself to a file that was later accidentally included in a software package containing the digital signature. HP believes the threat from the intrusion to be minimal, in large part because the software package in question was never distributed to any customers and the certificate itself expired several years ago and thus cannot be used to create new files.

However, the certificate in question was used to sign a considerable amount of HP software, including several fundamental hardware and software drivers. As a precaution HP is revoking the certificate, and issuing a new one for software already in use.

 

Stay on Top of IT News with DHA Support Group

An award-winning management consulting and contracting firm primarily serving federal, civilian and defense agencies, DHA group supports clients’ mission-critical work by delivering expert professional services. Follow us on social media on FacebookLinkedInTwitter or Google+.

Source: http://krebsonsecurity.com/2014/10/signed-malware-is-expensive-oops-for-hp/

Shellshocked: Bash Bug Puts Millions of Devices at Risk

Thursday, October 2nd, 2014

 

News this week of a vulnerability in the software program known as Bash put millions of devices running Linux and Mac operating systems at risk of being hacked. Already, hackers have started exploiting the vulnerability to access these devices through a back door entrance created by the bug in order to run their own commands on the devices,.

 

The vulnerability is known as shellshock. This is because Bash, an open source software program written more than 2 decades ago, is “a shell utility, a black-boxy way of interfacing with an operating system that predates the graphical user interface.” Essentially, Bash was written back in the early days of the internet as a way for software engineers to interface web software with an operating system.

 

Bash was written and rewritten constantly through the years as the internet and operating systems evolved. But in 1992, an error was written into Bash’s code. Despite the idea that the many eyes looking at open source code allow it to be corrected faster than proprietary code, this error went unnoticed, and continued to hide until just now. The bug was uncovered this past week, and hackers immediately went to work on exploiting it. According to Wired, the bug allows hackers to run their own commands on web servers and take control of machines running Linux and Mac operating systems.

 

“The shellshock attacks are being used to infect thousands of machines with malware designed to make them part of a botnet of computers that obey hackers’ commands. And in at least one case the hijacked machines are already launching distributed denial of service attacks that flood victims with junk traffic, according to security researchers.”

 

Linux released a patch soon after the vulnerability was discovered. Though it was discovered that the patch can be circumvented, Linux is recommending that users install the patch anyway, as it will fix some of the vulnerabilities. Apple has also released a Bash patch for the Mac OS X.

 

Bash bug

 

An award-winning management consulting and contracting firm primarily serving federal, civilian and defense agencies, DHA group supports clients’ mission-critical work by delivering expert professional services. Follow us on social media on FacebookLinkedInTwitter or Google+.

Sources

http://www.wired.com/2014/09/hackers-already-using-shellshock-bug-create-botnets-ddos-attacks/

http://www.wired.com/2014/09/shellshocked-bash/

http://www.techradar.com/us/news/computing/apple/apple-releases-bash-bug-patch-for-os-x-1267228