Homeland Security gives itself DdoS

THE US Department of Homeland Security has exposed hundreds of security pros' names and e-mail addresses in a Ddos attack on itself.

In a particularly daft move, Homeland Security allowed people to reply to a newsletter to the nation's security experts.

One would think that since it was being sent to security experts they would not have thought about replying to the entire list, but they did. Soon the Homeland Security was sending out millions of spam emails.

According to eWeek, it all started on October 3 when a reader of the DHS' daily Open Source Intelligence Report replied to the list address with a request for a change. The message was sent to all list subscribers.

Then dozens of readers replied to the exposed list of recipients. These ranged from demands to unsubscribe, pleas to others to cease replying, urgent requests from the Department of Defense and DHS officials for recipients to " kindly stop now please".

In the mix a "vote for me" political ad, job offers and updates on the local weather slipped through. All this created a Denial of Service attack on the Homeland Security system.

Homeland Security is a bit stunned that the settings on its mail server allowed the attack. A spokesman said that it could be a human error where an e-mail administrator must have unset a setting designed to prevent this type of event.

More here.µ