Hardly a week goes by without news of ‘bad actors’ attacking some business or government agency. One would think that by now these businesses and agencies would have invested in cybersecurity and found a way to close the gates on hackers. Recently we had the massive breach at OPM exposing massive PII, and resulting in the resignation of then Director Katherine Archuleta. At the last count, information on more than 21 million people was ‘lost’ and the investigation is ongoing as to what damage was done.
Now we have word that the Pentagon has been attacked and its digital systems breached by those with malicious intent. According to reports, hackers breached the Pentagon’s ‘Joint Staff’ email system in late July. This system is considered unclassified by officials, but is utilized by approximately 4,000 military personnel as well as civilian employees. By mining this system for data, hackers may be able to obtain information they can leverage to their advantage in the future.
While the breach is in the early stages of investigation, from all accounts it appears that ‘social engineering’ was once again used as an access point to the system. Hackers reportedly utilized social media and sent bogus emails to individuals who opened them (even though they know they shouldn’t) and launched malicious software into the system.
Early indications are that the hackers are state sponsored, with fingers as of this writing pointing to Russia as the behind-the-scenes supporter. According to a report filed by Kube and Miklaszewski, “U.S. officials tell NBC News that Russia launched a “sophisticated cyberattack” against the Pentagon’s Joint Staff unclassified email system, which has been shut down and taken offline for nearly two weeks.” Supporting that, Harthorne reports that “Investigators believe the Russian hackers behind the attack are the same people behind similar attacks on the White House and the State Department last year”.
Whoever is behind this recent breach, we have learned several things from it…people are going to continue to open emails they know they shouldn’t or are not able to discern as harmful, the cybersecurity of our agencies is still in need of help, and finally, the attack on our nation’s digital systems is relentless and is continuing to increase.
For information on cybersecurity and what you can do to increase your knowledge and awareness of it, visit http://www.nationalcybersecurityinstitute.org/
Harthorne, M. (2015). Russian hackers suspected in cyber attack on Pentagon. Obtained from the Internet at http://www.newser.com/story/210949/russian-hackers-suspected-in-cyberattack-on-pentagon.html
Kube, C. and Miklaszewski, J. (2015). Russia hacks Pentagon computers. Obtained from the Internet at http://www.cnbc.com/2015/08/06/
Mogg, T. (2015). Pentagon hit by cyberattack, sources suspect Russian involvement. Obtained from the Internet at http://www.digitaltrends.com/web/pentagon-hit-by-cyberattack/