Bureau of Engraving and Printing websites hacked

Tuesday - 5/4/2010, 4:45pm EDT

Cybersecurity Update - Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on The Federal Drive with Tom Temin and Jane Norris (6-10 a.m.) and The Daily Debrief with Chris Dorobek and Amy Morris (3-7 p.m.). Listen live at FederalNewsRadio.com or on the radio at 1500 and 820 AM in the Washington, D.C. metro area.

  • Two websites for the Bureau of Engraving and Printing, the Treasury Department unit responsible for print United States currency, have been hacked, according to the blog of a security software vendor. Roger Thompson, chief research officer for IT security software vendor AVG, wrote in his blog that for a short while on Monday a couple of treas.gov websites were hacked, and were reaching out to an attack site in Ukraine. Thompson identified the sites as bep.treas.gov and moneyfactory.gov. They had been script injected with the line of code, he wrote. GovInfoSecurity confirmed with a Treasury spokesman confirmed this afternoon that the agency is having problems with those pages, which remained inaccessible.

  • Can you have security without limiting freedom? Maybe not. In a recent article, Dr. Loren Thompson of the Lexington Institute says that the idea that the U.S. would be able to "curb internet criminality without limiting the freedom of everyday users" is not borne out by past experience. He writes that government policies for dealing with cyber dangers seem to be grounded in the belief that we can curb internet criminality without limiting the freedom of everyday users. Thompson argues that the lesson for policymakers is that they can't reasonably expect to get control of the criminal element operating in cyberspace unless typical users change their behavior.