Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- Government Perspectives on Mobility and the Cloud
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Reimagining the Next Generation of Government
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
TSP 'attack': Was it phish or foul?
Tuesday - 3/18/2014, 2:00am EDT
The career danger is even greater for feds, because of work-rules and the nature of their jobs. That's especially true for those in law enforcement, defense and homeland security jobs. But it also applies to workers at the Internal Revenue Service, Federal Aviation Administration, Securities and Exchange Commission and many others.
Feds are especially tempting targets for groups ranging from sophisticated crooks in Russia and the Ukraine to state-run operations from North Korea and China.
Names and data from the 4.5 million accounts in the federal Thrift Savings Plan — Uncle Sam's in-house 401(k) plan — are an especially tempting target. The TSP is where millions of federal civilian and military personnel, active and retired, have invested billions of dollars as part of their retirement nest egg.
On Saturday, The Washington Post reported that the TSP was the target of what was described as a well-intentioned Army "phishing expedition" effort to see if employees who got a mysterious email about the TSP would check their accounts.
The fake message went to about 100 Army civilian and military personnel, according to the report. But that set off a chain reaction. Apparently, thousands of confused, and in some cases nervous, TSP account holders got and then forwarded the fake check-your-account message to colleagues and friends throughout the government.
For many feds it was a not-so-fun déjà vu moment.
In May 2012, the TSP announced that just over 123,000 account holders were victims of a very real, very sophisticated cyber attack. The attack was apparently made nearly a year earlier, but the Federal Retirement Thrift Investment Board — the small federal agency that runs the TSP program — only learned from the FBI of the attack months after it happened.
At the time the attack was made public, account-holders were notified by mail that some or most of their information, including Social Security numbers and addresses, had been taken in the attack.
Federal agencies are prime targets for so-called spear-phishing actions for a variety of reasons. As security is tightened, the people seeking the information, ranging from teenagers at home and abroad as well as friendly and not-so-friendly governments, get better too.
Bottom line: Don't believe everything you read on the Internet. And if you get a JDLR (just-don't-look-right) message, think twice before opening or forwarding it.
And, as a well-meaning friend or older relative probably told you as a youth, "Don't do anything stupid!" In the cyber world, that's easier said than done.
ONLINE CHAT: Sign up now for a free online chat with benefits and retirement experts Mike Causey and Tammy Flanagan, March 19, at 11 a.m. Tammy, the senior benefits director at the National Institute of Transition Planning, will answer all of your retirement questions. Click here to register today.
NEARLY USELESS FACTOID
Compiled by Jack Moore
McDonalds first rolled out the Shamrock Shake — the mint-flavored seasonal favorite — in 1970 under the name "St. Patrick's Day Shake." In its modern form, the beverage contains 820 calories, equivalent to about 1 and 1/2 Big Macs.
(Source: Huffington Post)
MORE FROM FEDERAL NEWS RADIO
to employee training dissatisfaction?
Budget cuts, alone, can't explain employees' sinking satisfaction with training, according to a new analysis prepared by the Tully Rinckey law firm in Washington, D.C., which specializes in federal employment law. As dissatisfaction with training opportunities has intensified in recent years, the number of Equal Employment Opportunity complaints alleging discrimination in training opportunities have also shot upwards, according to the firm's analysis.
What can USPS learn
from TRICARE in funding retiree health care costs?
As lawmakers consider efforts to shore up the Postal Service's financial footing, there's still widespread disagreement over whether the current requirement for the agency prefunding requirement is fiscally responsible, as Rep. Blake Farenthold (R-Texas) argued during a House Oversight and Government Reform subcommittee hearing Thursday, or an "onerous mandate" only required of the Postal Service, as Rep. Stephen Lynch (D-Mass.) contended.