On Sept 15, Malaysia police arrested Ardit Ferizi, 20, who is being accused of hacking into U.S. based company, the name of this company has not been released, and stole the information of 1,300 U.S. military and government personnel. Reports have confirmed that Ferizi was in contact with senior ISIS leaders in Syria, and has also sold this information to them. The information that was stolen was home addresses, phone numbers, email addresses, passwords, and photos of these people. ISIS then posted the information on social media as a means to issue “commands” to ISIS members to attack. Ferizi is also believed that he is the leader of a hacker group called “Kosova Hacker’s Security”, his alias in the hacking community is “Th3Dir3ctorY”.
Malaysian authorities and the FBI were working together in keeping the other informed on Ferizi’s actions. Malaysian authorities received information about Ferizi from the FBI, and began monitoring him. Ferizi is currently in custody and is being held until U.S. authorities can extradite him to the states. Ferizi is being charged with identity theft, computer hacking, and possibly other charges. If charged Ferizi could face up to 35 years in prison. The information to whom it related to have been notified by the Pentagon about the leak of information.
The government lack of care when it comes to cybersecurity is slowly catching up with them. With the rapid growth of technology and hacking culture, the need to protect government and military systems is more important than ever. The only thing that is holding back the military from spending on the latest software is because of rules set by the General Services Administration, they require that the software must be on the market for at least two years. By the time they get the software it is already very outdated.
Another issue with inferior software is that with every year more things are connected through networks. We’re in a time when everything is connected that includes our weapon systems, ships, tanks, and planes as stated by Defense Secretary Ash Carter. It’s sad to see that the Navy is still using Windows XP as there operating system. They have recently entered a contract with Microsoft, for them to provide security patches for the outdated software. If an attacker were able to get into some of these systems it would be a catastrophe no matter what the outcome is. Examples of such catastrophes would be, sensitive information being leaked, blueprints for new weapon designs/ systems, or absolute worst case scenario would be them gaining access to military equipment and causing them to fire.
The government is working on making it easier for agencies and the military to get new software. The National Defense Authorization Act, which is being debated in Congress, this will lead to major reform on how agencies can obtain newer software and be able to bring cybersecurity to a more secured standard. So far it has passed the House back in late May, and was passed in the Senate in mid-June. According to congress.gov it says that it is currently on the stage of “Resolving Differences”, as to when the President will sign it, there is no set date.