FBI expects Va. hacker probe to take two more weeks
The FBI has not discovered the hacker who broke into the Department of Health Profession's computer, nor has it discovered what private information was retrieved, Virginia's Secretary of Health and Human Resources Marilyn B. Tavenner said today.
Questioned intensely by members of the House Appropriations Committee, Tavenner said the FBI thought it would take another two weeks to complete its investigation.
"They said it was like looking for a needle in the haystack, but they have ways to find the needle," she said.
Someone broke into the Department's database of addictive prescription drugs, such as oxycontin, morphine and Methadone. The data are kept to monitor who is using the drugs. The user's name and address, the date of birth and the substance are in the database.
The department recognized an unauthorized message posted on the Web site on April 30. The computer systems were shut down and state authorities were notified. All data had been properly backed up and back up files had been secured, Tavenner said.
Tavenner also said computer security at the department was judged to be among the top 5 percent of state computer systems. She acknowledged, however, that she knew of no other state where security had been breached.
She said pharmacists and other drug providers were being alerted to be on the lookout for suspicious behavior in the event someone was using stolen material to buy drugs.
The FBI was called in as the lead investigator because the security breach was accompanied by a demand for ransom, Tavenner said.
Del. L. Scott Lingamfelter, R-Prince William, worried that terrorists could break into other Virginia computer systems, such as those of Virginia's universities, and obtain important proprietary information.
Lemuel Stewart, chief information officer for the state, suggested that organized crime could have breached the system.
On the "live virus" front, as Tavenner put it, Tavenner said there have been 17 confirmed cases of swine flu in Virginia and no deaths. She said the state should be prepared for a possible reoccurrence of the flu this fall. There are no vaccines for it.
Reader Reactions
Stall, obfuscate, deny responsibility, blame the other guy. That’s your commonwealth’s executive agencies at their finest.
If you expect truth or responsibility from these Secretariat clowns, then you need a real solid reality check.
Face it folks, we’re not in Kansas anymore (or maybe we are in our chief execs childhood fantasy Kansas).
Pay no attention to the man behind the curtain, be afraid of the Great and Powerful Oz. If you believe in Oz then you may forgive yourself for being deluded by these second rate political hacks.
Funny DPH say’s they are in the TOP 5% for Security in the State, when the State does not have any such rating system in place.
Wow if they were the top 5 security wise for the State that’s scary.
Seems to me it would be prudent for all state agency heads to immediately begin scrutinizing their system security vulnerabilies instead of waiting for the State as a whole to do something.
My prescription information may have been stolen from one of the top 5. I am also in the systems of at least 6 other state agencies. You can imagine I’m a bit concerned.
“Tavenner also said computer security at the department was judged to be among the top 5 percent of state computer systems”: An interesting quotation about which Lemuel Stewart should be sufficiently concerned so as not to be able to sleep at nights. If hackers - whether terrorists, organized crime, or malevolent teenagers - were able to gain unauthorized access to computers said to at the TOP of the security scale for state computers, how many state computers containing who knows what are even more susceptiable?
I am not encouraged by Ms. Tavener’s comments about the state of computer security - then, on the other hand it is unfair to criticize her because her expertise is medicine. Mr. Stewart on the other hand has responsibilities that ensuring adequate levels of security and I continue to maintain that an vigorous inquiry into information security and system change practices by the VITA/Northrop Grumman partnership deserves very close scrutiny.
Post a Comment(Requires free registration)
- Please avoid offensive, vulgar, or hateful language.
- Respect others.
- Use the "Flag Comment" link when necessary.
- See the Terms and Conditions for details.
Advertisement