A technology consultant agreed to plead guilty to four charges of exceeding authorized access after he used common hacking tools to breach the security of FBI systems during his stint upgrading the agency's computers, according to a Thursday article in the Washington Post.
The network engineer, BAE System's employee Joseph Thomas Colon, used an FBI agent's credentials in 2004 to get access to a file that contained the encrypted versions of nearly 38,000 users' passwords, the Post stated. Using a common security tool available online, he decrypted the passwords and broke into systems that contained information on the Witness Protection Program and details on counterespionage activities, the article stated.
The incident underscores the problems that both the FBI and other government agencies are having with computer security. The U.S. Department of Justice, which includes the FBI, received a 'D' for computer security in 2005, as ranked by an audit of government agencies required by the Federal Information Security and Management Act (FISMA). The FBI also had to cancel a previous computer upgrade to its case and information management system, known as Virtual Case File. The National Security Agency--the secretive military agency responsible for protecting U.S. communications and breaking those of other nations--has had similar problems.
In the most recent case, Colon lost his job at BAE Systems and his top-secret clearance has been revoked, according to the article. The consultant claimed that the local FBI office approved of his actions, the Post said. He faces up to 18 months in prison.
Posted by: Robert Lemos