![]() The command is executing six essential functions in pursuit of these priorities – future operational environment, research, concepts, experimentation, requirements and integration – with support from industry, academia and Joint and multinational partners. It is the newest of the Army’s four major commands, established in 2018 to ensure the Army and its Soldiers remain at the forefront of technological innovation and warfighting ability.ĪFC currently focuses on three overarching priorities: prioritizing people, designing Army 2040 and delivering Army 2030. Headquartered in Austin, Texas, AFC has more than 17,000 personnel worldwide. Army Futures Command (AFC) exists to transform the Army to ensure war-winning future readiness. ![]() TechCrunch asked the Department of Defense if it has the technical ability, such as logs, to detect any evidence of improper access or data exfiltration from the database, but the spokesperson did not say.U.S. It’s not known if anyone other than Sen found the exposed data during the two-week window that the cloud server was accessible from the internet. ![]() Special Operations Command’s information systems,” said McGraw. “We can confirm at this point is no one hacked U.S. USSOCOM spokesperson Ken McGraw said in an email on Tuesday that an investigation, which began Monday, is under way. ![]() When reached by email, a senior Pentagon official confirmed they had passed details of the exposed server to USSOCOM. holiday weekend but the exposed server wasn’t secured until Monday afternoon. TechCrunch contacted USSOCOM on Sunday morning during a U.S. It’s not clear how the mailbox data became exposed to the public internet, but it’s likely due to a misconfiguration caused by human error. None of the limited data seen by TechCrunch appeared to be classified, which would be consistent with USSOCOM’s civilian network, as classified networks are inaccessible from the internet.Īccording to a listing on Shodan, a search engine that crawls the web for exposed systems and databases, the mailbox server was first detected as spilling data on February 8. In 2015, suspected Chinese hackers stole millions of sensitive background check files of government employees who sought security clearance in a data breach at the U.S. These personnel questionnaires contain a significant amount of background information on security clearance holders valuable to foreign adversaries. One of the exposed files included a completed SF-86 questionnaire, which are filled out by federal employees seeking a security clearance and contain highly sensitive personal and health information for vetting individuals before they are cleared to handle classified information. The server was packed with internal military email messages, dating back years, some of which contained sensitive personnel information. military unit tasked with conducting special military operations.īut a misconfiguration left the server without a password, allowing anyone on the internet access to the sensitive mailbox data inside using only a web browser, just by knowing its IP address.Īnurag Sen, a good-faith security researcher known for discovering sensitive data that has been inadvertently published online, found the exposed server over the weekend and provided details to TechCrunch so we could alert the U.S. Special Operations Command, or USSOCOM, the U.S. The exposed server was part of an internal mailbox system storing about three terabytes of internal military emails, many pertaining to U.S. The exposed server was hosted on Microsoft’s Azure government cloud for Department of Defense customers, which uses servers that are physically separated from other commercial customers and as such can be used to share sensitive but unclassified government data. military emails to the open internet for the past two weeks. Department of Defense secured an exposed server on Monday that was spilling internal U.S.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |