The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

  • Subscribe

  • Xavier’s tweets

    Error: Twitter did not respond. Please wait a few minutes and refresh this page.

  • Goodreads

  • Enter your email address to follow this blog and receive notifications of new posts by email.

    Join 1,186 other followers

  • Blog Stats

    • 52,779 hits

Bureau of Industry and Security Hacked

Posted by Xavier Ashe on October 11, 2006

The BIS is the part of the U.S. Department of Commerce responsible
for export control. If you have a dual-use technology that you need
special approval in order to export outside the U.S., or to export it
to specific countries, BIS is what you submit the paperwork to.

It's been hacked by “hackers working through Chinese servers,” and has been shut down. This may very well have been a targeted attack.

Manufacturers of hardware crypto devices — mass-market software is
exempted — must submit detailed design information to BIS in order to
get an export license. There's a lot of detailed information on crypto
products in the BIS computers.

Of course, I have no way of knowing if this information was breached
or if that's what the hackers were after, but it is interesting. On the
other hand, any crypto product that relied on this information being
secret doesn't deserve to be on the market anyway.

From Bruce Schneier's blog.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: