An attack against US State Department servers is still ongoing three months after the agency spotted miscreants inside its email system, it's reported.
In November the State Department was forced to suspend its unclassified email systems after it was successfully infiltrated by hackers unknown. At the time the agency said its classified emails were unaffected by the hack.
Every time sysadmins find and delete a malware infection, installed by the hackers, another variant pops up.
The point of failure was, we're told, a user clicking on a link to a dodgy website using an unpatched browser, leading to malicious remote-code execution. Once inside the network, the attackers spread out to the department's computers overseas, many of which now harbor malware.
Remote access to email inboxes has been disabled, it's reported. IT staff can't switch off the network to freeze the infection because the computer systems must remain operation for security reasons.
Five sources report that the attacks are Russian in origin, with one former US intelligence officer claiming that Putin’s online warriors are just as good as Uncle Sam's.
The secure email system is reportedly still safe, but unclassified emails can contain lots of juicy information – and hackers could masquerade as officials on the network to gain access to more sensitive documents. Messages regarding US policy on the Ukraine, and other files, have been swiped from the system, two sources report.
The difficulty in blocking further attacks raises worrying possibilities for the rest of the government’s IT managers. The State Department’s servers was compromised as part of large-scale attack against US government systems, with the White House, the US Postal Service, and the National Weather Service all falling prey, albeit briefly.
“We deal successfully with thousands of attacks every day,” State Department spokeswoman Marie Harf told the Journal in a statement. “We take any possible cyber intrusion very serious - as we did with the one we discussed several months ago — and we deal with them in conjunction with other relevant government agencies.”
Given the amount the US spends on information security these days it seems amazing that the NSA can’t rustle up a few of its hackers so adept at attacking and subverting legitimate means of communications and focus on defense for a change.
Since 2001 the US has publicaly spent over $500bn on its intelligence services, and documents leaked by Edward Snowden show the NSA and CIA spent over $25bn in 2013 alone. It doesn’t seem as though the American taxpayer is getting value for money. ®