Recorded Future, a social media data mining firm backed by the CIA’s venture capital arm, says in a report that login credentials for nearly every federal agency have been posted on open Internet sites for those who know where to look.
Recorded Future identified the possible exposures of login credentials for 47 United States government agencies across 89 unique domains.
As of early 2015, 12 of these agencies, including the Departments of State and Energy, allowed some of their users access to computer networks with no form of two-factor authentication. The presence of these credentials on the open Web leaves these agencies vulnerable to espionage, socially engineered attacks, and tailored spear-phishing attacks against their workforce.
The findings by Recorded Future were gained using the company’s Web Intelligence Engine which scans more than 680,000 Web sources in seven languages. Recorded Future arms information security teams with real-time threat intelligence so you can proactively defend your organization against cyber attacks.
Source: [Recorded Future]
LibertasIntel 