[ISN] Hackers target State Dept. computers

From: InfoSec News (alerts@private)
Date: Tue Jul 11 2006 - 22:45:25 PDT

Forwarded from: The happy staff at Attrition.org


July 11, 2006

WASHINGTON (AP) -- The State Department is recovering from large-scale 
computer break-ins worldwide over the past several weeks that appeared to 
target its headquarters and offices dealing with China and North Korea, 
The Associated Press has learned.

Investigators believe hackers stole sensitive U.S. information and 
passwords and implanted backdoors in unclassified government computers to 
allow them to return at will, said U.S. officials familiar with the 

These people spoke on condition of anonymity because of the sensitivity of 
the widespread intrusions and the resulting investigation.

The break-ins and the State Department's emergency response severely 
limited Internet access at many locations, including some headquarters 
offices in Washington, these officials said. Internet connections have 
been restored across nearly all the department since the break-ins were 
recognized in mid-June.

"The department did detect anomalies in network traffic, and we thought it 
prudent to ensure our system's integrity," department spokesman Kurtis 
Cooper said. Asked what information was stolen by the hackers, Cooper 
said, "Because the investigation is continuing, I don't think we even 

Tracing the origin of such break-ins is difficult. But employees told AP 
the hackers appeared to hit computers especially hard at headquarters and 
inside the Bureau of East Asian and Pacific Affairs, which coordinates 
diplomacy in countries including China, the Koreas and Japan. 

In the tense weeks preceding North Korea's missile tests, that bureau lost 
its Internet connectivity for several days.

China's government was considered by experts a chief suspect in computer 
break-ins at the Defense Department and other U.S. agencies disclosed last 

But China also is home to a large number of insecure computers and 
networks that hackers in other countries could use to disguise their 
locations and launch attacks.

The Pentagon warned earlier this year that China's army is emphasizing 
hacking as an offensive weapon. It cited Chinese military exercises in 
2005 that included hacking "primarily in first strikes against enemy 

After the State Department break-ins, many employees were instructed to 
change their passwords. The department also temporarily disabled a 
technology known as secure sockets layer, used to transmit encrypted 
information over the Internet. 

Hackers can exploit weaknesses in this technology to break into computers, 
and they can use the same technology to transmit stolen information 
covertly off a victim's network.

Many diplomats were unable to access their online bank accounts using 
government computers because most financial institutions require the 
security technology to be turned on. Cooper said the department has since 
fixed that problem.

Copyright 2006 The Associated Press. All rights reserved.

This archive was generated by hypermail 2.1.3 : Tue Jul 11 2006 - 22:59:09 PDT