[ISN] State Department Releases Details Of Computer System Attacks

From: InfoSec News (alerts@private)
Date: Fri Jul 14 2006 - 01:08:49 PDT


By Larry Greenemeier 
July 13, 2006

The State Department confirmed that attacks last month on some of its 
computer systems originated in the East Asia-Pacific region, targeting 
U.S. embassies there, and worked their way toward State's headquarters in 
Washington. The department hasn't indicated whether it has a specific 
suspect (or suspects) in mind, but State says it's working with Carnegie 
Mellon University's Computer Emergency Response Team and the FBI on an 

The systems affected by the hack were unclassified computer systems, State 
Department spokesman Sean McCormack said during a press briefing 
Wednesday. "There is an ongoing forensic investigation to examine exactly 
what happened and to try to learn from that, but the initial findings of 
the investigation are that there was no compromise of sensitive U.S. 
government information."

The State Department has taken some precautionary steps, including 
changing some passwords. "Some of the Internet service to some people in 
some of our embassies and some people here was affected," McCormack said 
of the attack. "But the system as a whole was up and running throughout 
this entire time." McCormack added that the compromise was not the result 
of problems with the department's cyber security policies.

The State Department has a less-than-stellar record when it comes to IT 
security. In March, the White House Office of Management and Budget's 
annual federal government computer security report card gave the State 
Department an F grade for fiscal 2005, even worse that its D+ grade for 
fiscal 2004. The overall grade given to all 24 federal agencies evaluated 
was a D+.

Reports of this hack into State Department IT systems has raised concerns 
about data security in the federal government to a whole new level. The 
federal government has in recent months been plagued by a series of laptop 
thefts at the Veterans Affairs and Agriculture departments, Federal Trade 
Commission, and Internal Revenue Service. But these losses would pale in 
comparison to a network breach that allowed an attacker to access 
directories with user-privilege information and plant rootkits and other 
malicious code to facilitate future attacks.

Word of these June attacks on the State Department's systems comes at a 
particularly delicate time for the department, which has been involved in 
critical diplomatic negotiations with North Korea following that country's 
testing of nuclear missiles earlier this month.

Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.

This archive was generated by hypermail 2.1.3 : Fri Jul 14 2006 - 01:18:22 PDT