Three of the people familiar with the investigation said Russia is currently believed to be behind the attack.
Two of the people said that the breaches are connected to a broad campaign that also involved the recently disclosed hack on FireEye, a major U.S. cybersecurity company with government and commercial contracts.
Hackers broke into the NTIA’s office software, Microsoft’s Office 365. Staff emails at the agency were monitored by the hackers for months.
The most common vulnerability is staff who are lazy in their email and security procedures.
Another possibility is the following.
Microsoft Office 365 manages federated identities through Security Assertion Markup Language (SAML). Office 365 has vulnerabilities that would online hackers to infiltrate accounts, data, e-mail messages and files within the software’s cloud.
SAML is a standard employed by businesses and other entities to transfer authentication and authorize information. It permits a single sign-on across a number of different websites, allowing for greatly improved efficiency. Microsoft’s use of SAML version 2.0 in its Office 365 software is flawed in that it does not authenticate the element known as the NameID.
Written By Brian Wang, Nextbigfuture.com
Brian Wang is a Futurist Thought Leader and a popular Science blogger with 1 million readers per month. His blog Nextbigfuture.com is ranked #1 Science News Blog. It covers many disruptive technology and trends including Space, Robotics, Artificial Intelligence, Medicine, Anti-aging Biotechnology, and Nanotechnology.
Known for identifying cutting edge technologies, he is currently a Co-Founder of a startup and fundraiser for high potential early-stage companies. He is the Head of Research for Allocations for deep technology investments and an Angel Investor at Space Angels.
A frequent speaker at corporations, he has been a TEDx speaker, a Singularity University speaker and guest at numerous interviews for radio and podcasts. He is open to public speaking and advising engagements.