author archives

Aliya Sternstein

Senior Correspondent

Aliya Sternstein reports on cybersecurity and homeland security systems. She’s covered technology for more than a decade at such publications as National Journal's Technology Daily, Federal Computer Week and Forbes. Before joining Government Executive, Sternstein covered agriculture and derivatives trading for Congressional Quarterly. She’s been a guest commentator on C-SPAN, MSNBC, WAMU and Federal News Radio. Sternstein is a graduate of the University of Pennsylvania.

Results 21-30 of 2340

After OPM Debacle, Three-Step Biometric ID Checks Are Coming

June 12, 2015 Expect computers to require that federal personnel use a smartcard, a password and their fingerprints before logging on, as a way to shore up defenses in the wake of a massive government cyber assault, a top official from the Department of Homeland Security said this week. So-called three-factor authentication goes...

Whose Job Is On the Line After the OPM Hack?

June 12, 2015 With no one agency coordinating the response to a network assault at the Office of Personnel Management, there are questions about who is liable for security lapses that ultimately laid bare private details on current and past federal employees. The lack of a point person also complicates public outreach and...

It's Costing OPM $20 Million to Contact Hacked Feds

June 9, 2015 The Office of Personnel Management on May 28 issued a solicitation to identity theft protection companies, a week before disclosing a hack that exposed private information on millions of current and former federal employees. The day after the breach was made public, OPM finalized a more than $20 million deal...

White House Orders All Federal Sites Go HTTPS By the End of 2016

June 8, 2015 In a bid to close potential vulnerabilities in the government's Web presence, the White House is mandating every public federal website switch to a more secure Internet connection standard within about a year and a half. The connection technology, Hypertext Transfer Protocol Secure, provides site visitors more privacy and confidence...

Hackers Outwit Global Financial Body and Love Seeing ISIS in NYC

June 8, 2015 In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches: International Financial Body Duped Into Releasing Member Details The Chartered Institute for Securities and Investment suffered a phishing attack that resulted in the leak of personal information on tens of thousands of professionals....

OPM Hackers Skirted Cutting-Edge Intrusion Detection System, Official Says

June 6, 2015 When attackers compromised a federal personnel system holding records on up to 4 million current and former employees, the files were in an Interior Department data center equipped with the most up-to-date version of a governmentwide intrusion detection tool, a government official with knowledge of the center at the time...

OPM Says Massive Data Breach May Affect 4 Million Federal Employees

June 4, 2015 The Office of Personnel Management is informing 4 million current and former federal employees about a hack attack that could have compromised their personal details. The malicious activity discovered in April marks the fourth network intrusion of an organization holding sensitive records on personnel with possible access to classified information....

Watchdog Says Pentagon Needs to Crank Up ‘Insider Threat’ Monitoring

June 4, 2015 Work to rein in some post-Sept. 11 domestic surveillance practices ended with passage of a bill that limits the National Security Agency’s collection of U.S. call records. But regular Joes inside the Pentagon -- or at least those with access to sensitive or classified information -- should expect even greater...

After Breach, IRS Considers PINs for All Taxpayers

June 3, 2015 The first step to enhance security on an Internal Revenue Service website that identity thieves rigged to steal other people's tax returns was to pull the cord on it. Now, the tax agency is contemplating a range of identity-theft protections, including issuing taxpayers annual passcodes, before bringing the "Get Transcript"...

At IRS, Two-Factor Authentication Means Waiting For a Letter in Your Mailbox

June 3, 2015 You might assume the Internal Revenue Service online service for accessing tax returns exploited via a weak login system would quickly switch to two-factor authentication. After all, that's what Apple and Twitter did after the nude celebrity selfie breach and countless other high-profile tweet hijackings. But it's not that easy...