A group of U.S. government security organizations has listed the top 20 security actions that they recommend organizations should take to improve computer security. The list was published by a group of U.S. government agencies, including the NSA, US-CERT, and other U.S. DoD computer security groups. In addition, U.S. security organizations in conjunction with Sans Institute published a list of the top 25 coding errors that introduce security vulnerabilities into software.
It’s not just ‘headline’ Fighter Jet Hacks that should be of concern. Back in May it was reported that a few Canadian journalism students bought a computer hard drive for $40 in the West African nation of Ghana and discovered that it contained sensitive information about U.S. defense contracts. If you aren’t visiting Ghana anytime soon, you could try eBay, where highly sensitive details of a US military missile air defense system were found on a second-hand hard drive bought on the site.
Of course, hacking into sensitive (and theoretically secure) government systems isn’t a new phenomenon. An article in PCWorld highlights seven other startling hacks from the past.
