If you’re a software developer or data scientist, you know the temptation of taking advantage of federal hacking protections.
But it’s also a scary time for your job.
The FBI recently announced that hackers had penetrated more than half of the companies it uses to protect classified information, including many that work with the National Security Agency, according to a report published Thursday by the House Homeland Security Committee.
That’s more than one-third of the nation’s computer security contractors.
But the FBI’s report says that the bureau has “detected several” unauthorized breaches of data stored on company networks.
It doesn’t say how many of the breaches were actually related to hacking.
In the first wave of the FBI investigation, the bureau arrested a former employee of a cybersecurity firm who was accused of being an “anonymous” hacktivist, according a news release from the committee.
The hacker, who was charged with one count of aggravated identity theft, was working for the company that provided the software to the NSA.
The company that employed the hacker also is an employee of the National Science Foundation.
The government has not identified the company.
The committee’s report said that the FBI also investigated a “potential breach” at the University of California, Santa Barbara, and another at the Defense Advanced Research Projects Agency.
Neither of those breaches had anything to do with the NSA, the committee said.
“These were investigations that we believe are a product of an unfortunate lapse in judgment by one of the investigators,” committee Chairman Jason Chaffetz Jason ChaffettGoogle, NSA, Facebook: How tech giants can fight online surveillance article The FBI declined to comment for this story.
The company that the former employee worked for was also not identified in the report.
“There is a clear need to ensure that our government’s cybersecurity personnel are up to the job of protecting the national security of the United States,” the report said.
The investigation into the San Francisco Bay Area cybersecurity firm SecureWorks began in January and was “pending an outcome that was not in the best interest of the national defense.”
SecureWorks, which has offices in Atlanta, Los Angeles and Washington, DC, has been in business for years and is considered one of America’s top cybersecurity companies.
The firm said in a statement to The Associated Press that it was not the subject of the investigation.
The report, which was released a day before the deadline to file reports for the year, also said the FBI and other government agencies had identified more than 10,000 unauthorized access attempts that have been made to data in its databases.
In addition to the federal hacking probes, the House report said, the FBI had received complaints from a variety of states and private organizations that were “filed under the auspices of the U.S. Cybersecurity Task Force.”
It’s unclear how many investigations were still ongoing into unauthorized breaches, but the committee report said the government is working to improve cybersecurity policies.
The House report also said that a federal judge in the District of Columbia granted the government’s request for an injunction in the case of a hacker who stole data from a medical device maker that sells the devices.
The court’s order was issued to halt the unauthorized access of a medical data breach from March, the report added.
The breach took place in 2013, the time when a group of hackers broke into the medical device manufacturer’s data systems and used that information to make a botnet that spread across more than 600 companies, the AP reported.
The hack was carried out using a fake medical data account, the company said in court documents.