Misconfigured Pentagon servers could have been exploited for cyberattack

By Jonathan Keane February 3, 2017

vulnerable pentagon servers the united states department of defense — Image used with permission by copyright holder

A cybersecurity researcher has discovered a number of misconfigured servers belonging to the Department of Defense that could have left internal networks vulnerable to outsider access and attack.

According to Dan Tentler of Phobos Group, these vulnerable servers could have been used, in theory, to carry out cyberattacks to make them look like they were perpetrated by United States actors. No classified information could be accessed through these vulnerabilities however.

“There were hosts that were discovered that had serious technical misconfiguration problems that could be easily abused by an attacker inside or outside of the country, who could want to implicate the U.S. as culprits in hacking attacks if they so desire,” Tentler told ZDNet.

Last year the Department of Defense launched its first bug bounty program. It allows accredited white hat hackers to test various (but not all) of the Pentagon’s public facing networks for bugs. Hackers are limited to the department’s services on the defense.gov and .mil domains. The servers that Tentler discovered were within these domains.

Tentler said it was “very likely” that these servers have been exploited already. The Pentagon was allegedly made aware of the misconfigured servers eight months ago but has yet to patch the flaws. Tentler reported the bugs to HackerOne, which operates bug bounty programs, but given the rules of the program, he is limited in what he can disclose publicly.

Tentler himself is critical of the cybersecurity preparedness of the Pentagon, and the government in general. “The Pentagon has created a circumstance where the good guys can’t find the problems because we’re not allowed to scan, or go out of scope, or find things on our own,” he said, while bad actors can tinker away at these systems with little or no regard.

Much has been made about how the Trump administration will handle cybersecurity. Tentler added that leaked plans to carry cyber reviews on federal systems every 60 days “demonstrates a complete lack of understanding what the existing problems are.”

Topics

Former Digital Trends Contributor

Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…

Computing

This Serta office chair is on sale from $360 to $230

The Serta Smart Layers Brinkley Manager Chair on a white background.

Are you on the hunt for office chair deals? Here's one that should help boost your productivity -- the Serta Smart Layers Brinkley Manager Chair for only $230, following a $130 discount from Lenovo on its original price of $360. We're not sure how much time is remaining before you lose the chance to get this office chair at 36% off though, so if you're interested in this offer, we highly recommend that you push through with the transaction as soon as possible. Any delay may cause you to miss out on this bargain.

Why you should buy the Serta Smart Layers Brinkley Manager Chair
For an office chair that provides both comfort and performance, you can't go wrong with the Serta Smart Layers Brinkley Manager Chair. It features five layers of foam with ComfortCoils that are individually wrapped, for the ability to provide relief on the critical pressure points of the body while maintaining pleasant temperatures even during extended use. The office chair's ergonomic design, lumbar support, and waterfall seat cushion makes it even more comfortable so you won't get body pains when your daily workload forces you to sit for several hours each day.

Computing

Best router deals: Save on mesh networks and Wi-Fi 6 routers

The Netgear Nighthawk AXE11000 Tri-Band Wi-Fi 6E Router on a table.

If you haven't bought a router in a while, now is really the time to do it, as a lot of modern routers are better suited to a world where you might connect several devices to one router at the same time. In fact, part of the new Wi-Fi 6 and Wi-Fi 6E standards is built around the concept of the Internet of Things and connecting to dozens of devices. That's great if you have a lot of smart home gear you need to connect without getting a ton of latency; plus, the newer standard helps with working around congested airwaves where everybody has some form of router and Wi-Fi connection running.
Of course, there are a lot of routers to pick from out there, and if you don't have a lot of tech-savvy, it can be overwhelming. That's why we've gone out and found our favorite router deals that will give you the best bang for your buck, and that includes mesh router deals too.

Best Router Deals
TP-Link Archer AX3000 -- $83, was $130

Computing

HP is practically giving away this QHD conferencing display

The HP Z24m G3 QHD conferencing display on a white background.

Not all monitor deals will get you a display that's designed for conferencing purposes. If you were hoping to get one for cheap, check out this offer from HP -- a $359 discount for the HP Z24m G3 QHD conferencing display that pulls its price down to a very affordable $150 from its original price of $509. This 70% discount will only be available for a limited time though, so if you're interested in this screen, there should be no hesitation with your purchase. Add it to your cart and push forward with the checkout process immediately.

Why you should buy the HP Z24m G3 QHD conferencing display
HP Z24m G3 QHD conferencing display is equipped with helpful conferencing features, such as a 5MP webcam and noise-cancelling microphones so that you'll look and sound crystal clear during your online meetings, and recessed speakers that are located within the screen's borderless frame to help you follow discussions closely. The monitor is also equipped with HP Presence, which will let you access conferencing solutions that enable seamless connections, meeting optimizations, and real-time insights.