US Department of Energy hacked, employees' personal information stolen


According to media reports, the US Department of Energy has been hit by a "sophisticated cyber attack" in the last few weeks, which resulted in the personal information of several hundred employees being compromised.

The Washington Free Beacon, which broke the story, claims that Energy Department officials believe that the intentions of the hackers may not have been limited to stealing information about employees, but may also have planned to establish a bridgehead to gain future access to classified information.

The FBI is said to be investigating the hack, which occurred two weeks ago at the Department of Energy's Washington-based HQ, and affected 14 servers and 20 desktop workstations.

A Fox News headline on the incident attempts to link the attack to Chinese hackers, but the original Free Beacon report admits that both the source and identity of the hackers are unknown.

Fox News report

Of course, no-one would be surprised if there was a Chinese link, especially following the revelations last week of attacks against the New York Times and other newspapers that were widely blamed on Beijing.

But, once again, it's important to remember that it's very hard to prove who is behind an internet attack - especially as hackers can easily bounce their attacks between multiple compromised computers spread around the globe.

And there is a chance that China could become an all-too-convenient bogeyman, that can easily be blamed for any embarrassing security breach.

Once again, we see a familiar line rolled out about the advanced nature of the attack against the DoE:

"..the relative sophistication of the cyber attack is an indication of nation-state involvement."

Compare that with the statement from Twitter, who themselves got hacked late last week:

"This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked."

I'm just thinking out loud here - but if my organisation was hacked, and the news was going to come out in public, would I feel more comfortable saying that the hack was "extremely sophisticated" rather than "the kind of thing our security systems really should have stopped"?

Would the general public be more accepting of a security breach, if it were hinted that a sinister foreign nation state was behind it, rather than a bunch of pizza-eating 4chan-loving geeks in their back bedrooms?

I'm not saying that it wasn't China that hacked the US Department of Energy. Maybe they did, maybe they didn't. It certainly sounds plausible, and you can easily believe that Chinese intelligence officers might want to snoop upon important US government offices.

But that's as far as it goes as a theory - plausible. We'll need to see more evidence before we can be anything close to 100% certain.

In the meantime, protect your computers with a layered defence and educate your staff to always keep their eyes peeled for anything unusual.


6 Responses to US Department of Energy hacked, employees' personal information stolen

  1. NerdyJoe · 443 days ago

    Probably not that sophisticated. In fact the attackers probably just read Secunia's blog and decided to have a cheap shot at the DoE while they had nothing better to do.
    http://secunia.com/blog/344

  2. GuitarBob · 443 days ago

    Yes! Another "sophisticated" hack. This one was even "extremely" sophisticated.

    Regards,

  3. narf · 443 days ago

    The problem is that they usually make unrealistic baselines for OS roll-outs, and instead of going with an image/policy set that's somewhat secure and working from there, they throw so many in that it breaks applications and functionality. In return, they fix 60% of them which aren't mission critical, and figure out a way to make the others 120% compliant before upgrading at all.

    Not to mention, most of their apps are based off of Java.. and OLD versions at that. Considering it's a mess to try to update it, it's not really a surprise.

  4. Alan Brown · 443 days ago

    Best target for data and bank account pirates: people who are earning a living.

    Blaming the Chinese is wearing a bit thin as a way of covering staggering levels of incompetence in various organisations

    99% of these hacks are down to people not doing their job properly and at least 2/3 of them are exploits of vulnerabilities left unpatched for more than a year after disclosure. Charges should be laid - for criminal negligence - and people summarily sacked.

  5. (0_o) Could me government be any LESS secure?

    The only good thing to say is that at least we're now hearing about our government being hacked. We know full well that China: Criminal Nation has been hacking the US government since 1998. It wasn't until 2007 that our government began admitting it.

    Let's hope the US government has at least learned to never expose classified information to the Internet. They aren't stupid enough to do that, right? :-P

  6. Gerald M. · 442 days ago

    ..........I am just wondering if this had anything to do with the power outage in New Orleans in Sunday's Superbowl.......hhhmmmm!!!!!


About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.