Air Force loses access to database tracking fraud investigations to 2004


#1

[Read the post]


#2


#3

So… one of their most major administrative systems… had no backup? Was it maintained by middle-schoolers?


#4

Cyber Surety specialists ensure the security of computer networks and online communications. From programming to hardware, these experts keep our systems and our information safe.

I think we should put the Navy in charge of it now.


#5

There are still two key problems with us.mil InfoSec
A) There are really only two types of “cyber”, punks & war - every other use of the word implies ignorance on the subject - and it (primarily) exists in .mil & .gov circles

B) Despite some press to the contrary, .mil especially, does not hire the most talented as they are oft on the spectrum and/or not great with pointless authority - yet “managed” appropriately they are undeniably the top performers. Any outlier behavior in your background & .mil / .gov jobs are out of the question. Their eyes are starting to open to this fact but in many ways it’s too little too late.
C) The “brannigan” rule (uncounted) is the history of us.mil sloppiness when it comes to InfoSec - & that’s institutionalized.


#6

The article claims there was a back up, but it’s unrecoverable. So middle-schoolers, I guess?


#7

My dad, who worked at a rather secret agency for a very long time, told me they had encrypted a computer system so thoroughly they couldn’t get any of the data out of it that they had put into it. He told me this post-retirement in about 1976, I think. Some things never change.


#8

If you don’t test your backup procedure and your data, then you don’t have a backup of anything. You just have a waste of time, energy, and money when everything goes to hell.


#9

This, so much this. One like is not enough.


#10

That’s a long winded way of saying, yep.


#11


#12

Maybe I shouldn’t have filed that FOIA request asking for information about
Robert’); DROP TABLE ACTS;–


#13

Why don’t they just call Steve Gibson?


#14

Not unprecedented I’m sure. Probability is in everyhing, and nothing in life is certain.


#15

FYI - https://xkcd.com/327/


#16

Apparently it was outsourced to Lockheed-Martin; so I’m going with ‘very, very, expensive middle schoolers’.

It does make you wonder what the hell they were playing at. I’d certainly agree that data retention is harder than it looks, that’s part of why people put up with the IT department; but “Don’t lose the damn database” is one of the central objectives for IT departments of all shades and sizes, given that everything from crummy little CMS installs to Enterprise Data Warehousing stuff is database-backed these days.

It’s not a trivial problem; but it’s a nontrivial problem that gets solved every day by thousands of outfits, many of them with substantially slimmer resources.


#17

Except probability, certainly.


#18

This makes me want to put on my tin foil hat and shake my fist at black helicopters.
It’s as if the database contained inconvenient information that was conveniently lost.


#19

Care to expand on that? That is, the rule and who it’s named for?


#20

So named for 25-Star General Zapp Brannigan of Futurama fame. Known for poorly counted lists and general sloppiness when it comes to command decisions.

The sloppiness tho, really comes from both old (KGB) and current (FSB/SVR) memo descriptions of how the US handles InfoSec, quote “sloppy”.