The State Department recently had to shut down its email system entirely after suffering a hacking attack. The system then remained offline so that possible damage could be repaired. According to the official announcements from the state representatives, the department detected “activity of concern” in its system. In the meantime, the authorities gave assurances that the classified systems had not been compromised during the hack. Security experts believe that a similar security breach at the White House in October could be part of the same attack.
It remains unclear who is responsible for the hack, but it is understandable that the State Department, like any other entity of such a scale, is a constant target of cyber attacks. The state specialists detected the “activity of concern” a few weeks ago and formed a team to respond, in coordination with cybersecurity experts from DHS and from other agencies. Department representatives explained that they are currently implementing carefully planned improvements to the security of their main unclassified network, and emphasized that no classified systems have been affected by the attack. As usual, the “origins of the intrusion” remain “under investigation”, and no suggestion of who is responsible has been announced.
It should be noted that the email system attack is the latest in a series of security breaches at American government departments. For example, last month the US National Oceanic and Atmospheric Administration reported that 4 of its online portals suffered security breaches, cutting weather satellite data off for over 7 days.
Another example is the October intrusion into the internal systems belonging to USIS, a government contractor providing background checks for the Department of Homeland Security. At the time, the government had to admit that the attackers (who are always believed to be state-sponsored in such cases) might have stolen details of DHS personnel. One more hack targeted the Postal Service of the United States a few weeks ago and exposed the personal information and even SSNs of 800,000 of its employees.
According to the experts on cyber-security, while it is usually impossible to know who is responsible for attacks of such scale, they are normally attributed to foreign cyber-criminals backed by a foreign government. It is clear that the United States needs to be ready for such attacks and prepared to be resilient to their effects, rather than hoping to prevent all of them. Nobody can have 100% security.