Skip Links

The worst security SNAFUs of 2013

A year of NSA disclosures, the Syrian Electronic Army hackers, and shaky stock exchanges

By , Network World
December 17, 2013 11:34 AM ET

Network World - This year's award for "Biggest Security SNAFU" can only go to the National Security Agency. Since June, NSA officials have winced as former NSA contractor Edward Snowden began dispensing secrets to the media about how NSA carries out massive surveillance around the world using advanced technology.

The NSA wasn’t using enough security technology internally to even begin to stop Snowden from roaming through its super-secret networks to fish out what’s now believed to be many thousands of sensitive documents related not only to NSA’s massive data collection practices across the Internet but also traditional spy vs. spy operations, much of which has not yet gone public.

Edward Snowden
Credit: REUTERS/Tobias Schwarz
The signature on the letter of fugitive former U.S. spy agency contractor Edward Snowden is pictured during a news conference in Berlin, November 1, 2013.

The Snowden revelations so far have generated a backlash against the intelligence agency from privacy advocates everywhere as well as the U.S. high-tech industry, which has to cooperate with the NSA under U.S. law. And foreign leaders of countries considered friends to the U.S are enraged their private calls and data were intercepted for years. There’s no reason to think that there won’t be more on this score.

There have been plenty of “security SNAFUs” to go around this year. The media, too, were on the receiving end as the New York Times, Wall Sreet Journal, CNN, Washington Post and others all reported that networks used by their employees had been hacked by attackers from China, likely for cyber-espionage, or the Syrian Electronic Army, out of political anger. Also, the stability and security of a key part of the financial system, the electronic stock exchanges, was sometimes shaky.

+ MORE ON NETWORK WORLD The biggest security SNAFUs of 2013…so far +

There are so many SNAFUs, in fact, we listed details about the ones occurring the first half of 2013 in our June story. From there, we now pick up the trail of data breaches, cyber-espionage, cyber-extortion and infrastructure collapse. And sometimes it was simply just plain cyber-stupidity.


The U.S. Department of Commerce’s Economic Development Administration (EDA) destroyed about $170,000 worth of IT equipment including computers, printers, keyboards and computer mice last year on the mistaken belief that the systems were irreparably compromised by malware. According to the Commerce Department’s Inspector General that looked into what happened, the bureau was poised to destroy an additional $3 million worth of IT equipment but was prevented from doing so by a lack of funding for the effort. EDA, whose computer network had been infected by viruses, thought it was under an intense cyber-attack, and employees there spent months without e-mail of access to Internet servers and databases as they sought to build a new network. The Inspector General, however, said the disruption was simply due to a common malware infection on six computers that could have been erased with anti-malware tools and other steps.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News