Τρεις μήνες έχουν περάσει από τη παραβίαση του δικτύου ηλεκτρονικού ταχυδρομείου του Υπουργείου Εξωτερικών των ΗΠΑ, του State Department και οι ειδικοί εξακολουθούν να εργάζονται για την εξασφάλιση της ασφάλειας του συστήματος.
Το Νοέμβριο του 2014 το State Department, έκανε μία άνευ προηγουμένου
κίνηση και έκλεισε ολόκληρο το σύστημα ηλεκτρονικού ταχυδρομείου
αδιαβάθμητων πληροφοριών στην υποψία επίθεσης.
Ύποπτη δραστηριότητα εντοπίστηκε στο σύστημα, ταυτόχρονα όμως με μια
άλλη επίθεση που έπληξε το δίκτυο του Λευκού Οίκου. Εργαζόμενος του
κέντρου επιχειρήσεων στο State Department, απαντώντας σε σχετική ερώτηση
αναφέρει ότι ως μέτρο προφύλαξης, το σύστημα ηλεκτρονικού ταχυδρομείου
βγήκε offline.
Κατά την ίδια περίοδο όμως και άλλες υπηρεσίες των ΠΑ έγιναν στόχος
των hackers, συμπεριλαμβανομένων της Ταχυδρομικής Υπηρεσία και της
Εθνικής Μετεωρολογικής Υπηρεσίας. Όπως και η Αμερικανική Στρατιωτική
υπηρεσία, τα διαβαθμισμένα συστήματα του State Department δεν
παραβιάστηκαν.
Από το προσωπικό του Υπουργείου, ζητήθηκε να σταματήσουν να
χρησιμοποιούν την επίσημους λογαριασμούς email για τα μηνύματα
ηλεκτρονικού ταχυδρομείου και να χρησιμοποιούν το Gmail.
Το Νοέμβριο, κυβερνητικά στελέχη γνωστοποίησαν στο ABC News ότι οι
hackers έχουν παραβιάσει συστήματα υπολογιστών, σε πολλές χώρες. Οι
υπολογιστές έχουν μολυνθεί από λογισμικό που τρέχει στη βάση του
δικτύου, γεγονός που έχει δημιουργήσει μεγάλη ανησυχία στην Αντικατασκοπεία και στη Στρατιωτική βιομηχανία.
Πηγές αναφέρουν ότι οι επιθέσεις φαίνεται να είναι υπό κρατική
παρακίνηση και ότι η Ρωσία είναι η χώρα που συντονίζει τους hackers, αν
και η έρευνα του FBI και της NSΑ δεν αποκλείει και την Κίνα ως δεύτερο
ύποπτο. Η ομοιότητα όμως του malware και της μεθόδου της επίθεσης
παραπέμπουν στη Ρωσία, αφού είναι ίδιες με αυτές που έγιναν κατά την
τελευταία κρίση στην Ουκρανία.
US State Department – Hackers still in the Email System
Three months from the incursion in the network of the U.S. State Department e-mail system, US specialists are still working to secure the networks.
In November 2014 the State Department has taken the unprecedented step of shutting down its entire unclassified email system in response to a suspected cyber attack.
‘Activity of concern’ was detected in the system concurrently with another cyber attack which hit the network at the White House computer
network. A State Department staffer answering a call to the State
Department Operations Center revealed that, as a precautionary measure,
the e-mail system remained down.
In the same period, other US agencies were targeted by hackers, including the U.S. Postal Service and
the National Weather Service, the U.S. Military confirmed that its
systems were secured, according to official sources, none of the State
Department’s classified systems were affected.
The State Department personnel were asked to stop using official emails and use Gmail instead.
In November, Government officials reported to the ABC News agency that hackers have compromised computing systems in many nation’s critical infrastructure.
The attackers have infected the software that runs in the critical
infrastructure with a malware, the circumstance creates a lot of anxiety
in Intelligence and military industry due to the vital role of the
hacked architecture. Sources reported to the news agency that the
attacks appear to be state-sponsored hacking campaign and that the Russia is the nation that is coordinating them.
Returning to the present, three people familiar with the investigation at the State Department have reported to the Wall Street Journal that
the US Government is still working to sanitize the email systems of the
State Department. The circumstance is very concerning because the
hackers still have access to the network of the Government Agency.
“Three months after the State Department confirmed hackers breached its unclassified email system, the government still hasn’t been able to evict them from the department’s network, according to three people familiar with the investigation.” states the Wall Street Journal.
The US intelligence is trying to fight back the hackers and track
them, but it is an ongoing battle that foreign attackers are winning
because they are still able to find new entry points in the US networks.
The sources explained that US authorities are still investigating the
data breach and in time I’m writing they still haven’t a clear picture
of the overall data accessed by the hackers.
“We deal successfully with thousands of attacks every day,” State Department spokeswoman Marie Harf said in an official statement. “We take any possible cyber intrusion very serious as we did with the one we discussed several months ago and we deal with them in conjunction with other relevant government agencies.”
Who is behind the attack?
The investigation was conducted by FBI and Secret Service, the
authorities speculate that the attacks were coordinated by a foreign
government, Russia or China
were among the primary suspects. Experts involved in the investigation
reveals that Russia remains the first suspect because of the similarity
of the malware used in the attack and the malicious code used in other attacks worldwide linked to Russian state-sponsored operations, including the recent attacks following the Ukraine crisis.
The nature of the attack suggests that it may have originated in
Russia, one of the officials said. A former U.S. intelligence official
said that country has developed cyber-espionage capabilities that are
almost equal to those of the U.S. National Security Agency.
“The intrusions coincide with rising tensions between the U.S. and Russia, and hackers linked to the government of Russian President Vladimir Putin have used the same “phishing” technique, in which the opening of deceptive e-mail attachments downloads malicious software, to attack other unclassified U.S. government e-mail systems. So far, investigators from the NSA and private contractors haven’t reached a firm conclusion about the intruders’ origins, said the two officials involved in the inquiry.” reported Bloomberg.
The Russian Government and FBI refused to comment on the investigation.
0 σχόλια:
Δημοσίευση σχολίου