Τρεις μήνες έχουν περάσει από τη παραβίαση του δικτύου ηλεκτρονικού ταχυδρομείου του Υπουργείου Εξωτερικών των ΗΠΑ, του State Department και οι ειδικοί εξακολουθούν να εργάζονται για την εξασφάλιση της ασφάλειας του συστήματος.

Το Νοέμβριο του 2014 το State Department, έκανε μία άνευ προηγουμένου κίνηση και έκλεισε ολόκληρο το σύστημα ηλεκτρονικού ταχυδρομείου αδιαβάθμητων πληροφοριών στην υποψία επίθεσης.

Ύποπτη δραστηριότητα εντοπίστηκε στο σύστημα, ταυτόχρονα όμως με μια άλλη επίθεση που έπληξε το δίκτυο του Λευκού Οίκου. Εργαζόμενος του κέντρου επιχειρήσεων στο State Department, απαντώντας σε σχετική ερώτηση αναφέρει ότι ως μέτρο προφύλαξης, το σύστημα ηλεκτρονικού ταχυδρομείου βγήκε offline.

Κατά την ίδια περίοδο όμως και άλλες υπηρεσίες των ΠΑ έγιναν στόχος των hackers, συμπεριλαμβανομένων της Ταχυδρομικής Υπηρεσία και της Εθνικής Μετεωρολογικής Υπηρεσίας. Όπως και η Αμερικανική Στρατιωτική υπηρεσία, τα διαβαθμισμένα συστήματα του State Department δεν παραβιάστηκαν.

Από το προσωπικό του Υπουργείου, ζητήθηκε να σταματήσουν να χρησιμοποιούν την επίσημους λογαριασμούς email για τα μηνύματα ηλεκτρονικού ταχυδρομείου και να χρησιμοποιούν το Gmail.

Το Νοέμβριο, κυβερνητικά στελέχη γνωστοποίησαν στο ABC News ότι οι hackers έχουν παραβιάσει συστήματα υπολογιστών, σε πολλές χώρες. Οι υπολογιστές έχουν μολυνθεί από λογισμικό που τρέχει στη βάση του δικτύου, γεγονός που έχει δημιουργήσει μεγάλη ανησυχία στην Αντικατασκοπεία και στη Στρατιωτική βιομηχανία.

 Πηγές αναφέρουν ότι οι επιθέσεις φαίνεται να είναι υπό κρατική παρακίνηση και ότι η Ρωσία είναι η χώρα που συντονίζει τους hackers, αν και η έρευνα του FBI και της NSΑ δεν αποκλείει και την Κίνα ως δεύτερο ύποπτο. Η ομοιότητα όμως του malware και της μεθόδου της επίθεσης παραπέμπουν στη Ρωσία, αφού είναι ίδιες με αυτές που έγιναν κατά την τελευταία κρίση στην Ουκρανία.


 

US State Department – Hackers still in the Email System

Three months from the incursion in the network of the U.S. State Department e-mail system, US specialists are still working to secure the networks.

In November 2014 the State Department has taken the unprecedented step of shutting down its entire unclassified email system in response to a suspected cyber attack.

‘Activity of concern’ was detected in the system concurrently with another cyber attack which hit the network at the White House computer network. A State Department staffer answering a call to the State Department Operations Center revealed that, as a precautionary measure, the e-mail system remained down.

In the same period, other US agencies were targeted by hackers, including the U.S. Postal Service and the National Weather Service, the U.S. Military confirmed that its systems were secured, according to official sources, none of the State Department’s classified systems were affected.

The State Department personnel were asked to stop using official emails and use Gmail instead.
In November, Government officials reported to the ABC News agency that hackers have compromised computing systems in many nation’s critical infrastructure. The attackers have infected the software that runs in the critical infrastructure with a malware, the circumstance creates a lot of anxiety in Intelligence and military industry due to the vital role of the hacked architecture. Sources reported to the news agency that the attacks appear to be state-sponsored hacking campaign and that the Russia is the nation that is coordinating them.

Returning to the present, three people familiar with the investigation at the State Department have reported to the Wall Street Journal that the US Government is still working to sanitize the email systems of the State Department. The circumstance is very concerning because the hackers still have access to the network of the Government Agency.
“Three months after the State Department confirmed hackers breached its unclassified email system, the government still hasn’t been able to evict them from the department’s network, according to three people familiar with the investigation.” states the Wall Street Journal.
The US intelligence is trying to fight back the hackers and track them, but it is an ongoing battle that foreign attackers are winning because they are still able to find new entry points in the US networks.
US State Department e-mail system hacked 2
The sources explained that US authorities are still investigating the data breach and in time I’m writing they still haven’t a clear picture of the overall data accessed by the hackers.
“We deal successfully with thousands of attacks every day,” State Department spokeswoman Marie Harf said in an official statement. “We take any possible cyber intrusion very serious as we did with the one we discussed several months ago and we deal with them in conjunction with other relevant government agencies.”
Who is behind the attack?

The investigation was conducted by FBI and Secret Service, the authorities speculate that the attacks were coordinated by a foreign government, Russia or China were among the primary suspects. Experts involved in the investigation reveals that Russia remains the first suspect because of the similarity of the malware used in the attack and the malicious code used in other attacks worldwide linked to Russian state-sponsored operations, including the recent attacks following the Ukraine crisis.

The nature of the attack suggests that it may have originated in Russia, one of the officials said. A former U.S. intelligence official said that country has developed cyber-espionage capabilities that are almost equal to those of the U.S. National Security Agency.
“The intrusions coincide with rising tensions between the U.S. and Russia, and hackers linked to the government of Russian President Vladimir Putin have used the same “phishing” technique, in which the opening of deceptive e-mail attachments downloads malicious software, to attack other unclassified U.S. government e-mail systems. So far, investigators from the NSA and private contractors haven’t reached a firm conclusion about the intruders’ origins, said the two officials involved in the inquiry.” reported Bloomberg.
The Russian Government and FBI refused to comment on the investigation.

0 σχόλια:

Δημοσίευση σχολίου

top