|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: InfoSec News (alerts
infosecnews.org)
Date: Mon Mar 26 2007 - 01:34:14 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://www.af.mil/news/story.asp?id=123046045
By Carmen L. Gleason
American Forces Press Service
3/23/2007
WASHINGTON (AFNEWS) -- Defense Department officials have launched an
investigation into recent computer hackings of servicemembers' home
computers that compromised personal information and led to the
redirection of funds from their military pay accounts.
Over the past eight months, nearly two dozen Defense Finance and
Accounting Service "myPay" participants have had their accounts accessed
by unauthorized personnel, officials said. The myPay program allows DFAS
users to manage pay information, leave and earnings statements and W-2s
online.
The compromise likely came from personal information being stolen from
home computers via spyware and keystroke-logging viruses, DFAS officials
said.
A hacker redirected one servicemember's pay to a credit card vendor by
changing account information the day before pay day, said Tom LaRock,
DFAS spokesman. However, he added, DFAS quickly worked with his bank to
have funds returned to his account within two days.
When suspicious activity is detected under the current system used by
DFAS, LaRock explained, financial institutions are immediately notified
so reversals can be made to servicemembers' accounts. DFAS plans to
launch a new program soon that will increase the ability to detect
unauthorized changes prior to processing by pay systems. This will make
the system for myPay's 3.7 million users even more responsive, LaRock
said.
"This won't completely stop compromises," he said, "but it will help
alert us more quickly so appropriate actions can be taken."
Key-logging software often is installed on systems when an individual
simply views e-mails or clicks links that look and seem like reputable
sites. Hackers then are able to detect passwords and other personal
information, DFAS officials said.
The organization is reminding customers that they have a responsibility
to take measures to protect their personal information from scams and
identity theft.
DFAS warns that a variety of methods can be used to attack home
computers, including phishing, malicious software and outside takeovers
via bad software configurations. Users are encouraged to install and
continually update anti-virus and firewall software.
DFAS offers tips for security and protection to its users on its Web
site, https://mypay.dfas.mil/PersonalData.htm
The Defense Department also offers free downloads of antivirus and
firewall software programs to servicemembers and civilians under terms
of the DOD enterprise antivirus license with supporting companies.
_________________________________________
Visit the InfoSec News Security Bookstore
http://www.shopinfosecnews.org
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]