Sophos Cloud Optix
The US State Department spent the weekend trying to mop up its unclassified email system and public sites in the aftermath of a recent attack.
The attack was first reported by The Associated Press on Sunday.
A senior department official told the AP that the agency discovered “activity of concern” in or around September: the same time as the intrusion that hit the White House’s networks.
The White House attack is similar to that at the State Department in that it also targeted unclassified networks, and it similarly resulted in a temporary shutdown of communications systems.
Following fast on the heels of the White House breach came news of attacks on the US Postal Service (USPS) and the National Oceanic and Atmospheric Administration, making the State Department the fourth US government agency to be hit in a matter of weeks.
The State Department official, who spoke without authorization and thus wasn’t named, told the AP that the agency’s classified systems were not affected.
He or she said that the department shut down its worldwide email late on Friday as part of a scheduled outage of some of its internet-linked systems to make security improvements to its main unclassified computer network.
The State Department obviously didn’t want to publicize the fact that its systems had been invaded.
On Friday, the department had announced that “maintenance” would be done, classifying it as a routine, scheduled outage.
But on Sunday, following the AP’s report of the breach, officials acknowledged they had found traces of suspicious activity in their system and were updating security in the middle of the scheduled outage, according to the Washington Post.
It was a pretty complete shutdown: duty officers were reportedly forced to use Gmail accounts.
The senior State Department official declined to say how many of the department’s email accounts were affected, or whether personal information on employees may have been exposed as it was in the USPS attack, but the official did say that the system was expected to be working normally again “soon”.
So far, nobody seems to know who’s responsible for the breaches, although the governments of China and Russia have both been mentioned as possible suspects, particularly behind the attack on the White House.
Image of offline courtesy of Shutterstock.
they want to spy, make them work. serves them right, the USA does nothing but break other countries privacy laws. I hope that one day someone shuts them down completely. You can blame the NSA for my feelings on this subject. Even while I write this comment the NSA are spying on me. As far as I am concerned if a person has no criminal convictions for anything not even a parking ticket, then the NSA is not entitled to interfere with that persons life in any way. They have to be left alone. Under Crown law it is illegal for them to continue… Stop spying on the UK NSA
I think they may have got rid of that “Crown” thing back in 1776. Something about taxation and the coming of a time in the affairs of men. And women.
So years ago the U.S. Government built the Internet during the cold war for communication after nuclear attacks. What I don’t understand I why the U.S. Government doesn’t build a separate network that isn’t connected to the rest of the world. It makes more sense to keep all government secrets on a different physical network. A separate American Internet would make more sense. Or make a deal with Europe and Canada and have a Western Internet. Easier to prosecute hackers if they can only get online in countries they can be prosecuted in. Then businesses would have a choice where they put their files.