[BreachExchange] The State Department Has Reportedly Been Hacked

Sophia Kingsbury sophia.kingsbury at riskbasedsecurity.com
Mon Aug 23 09:43:54 EDT 2021


https://gizmodo.com/the-state-department-has-reportedly-been-hacked-1847536299

The U.S. State Department was purportedly the victim of a serious cyber
attack in recent weeks, according to a Fox News report published on
Saturday. The extent of the breach and when it was discovered are currently
unknown.

Citing an unnamed source, the outlet stated that the Department of
Defense’s Cyber Command had issued notifications of a possibly serious
breach. Although it’s unclear whether the State Department’s operations
have been affected by the attack, Fox reported that the department’s work
to evacuate thousands of Americans and Afghans from Kabul, Afghanistan amid
the withdrawal of U.S. forces had not been affected.

The identity of the alleged perpetrators is unknown at this time. In a
statement to Fox News, the State Department did not confirm or deny the
purported attack.

“The Department takes seriously its responsibility to safeguard its
information and continuously takes steps to ensure information is
protected,” a department spokesperson said. “For security reasons, we are
not in a position to discuss the nature or scope of any alleged
cybersecurity incidents at this time.”

However, Reuters stated that a knowledgeable source affirmed the department
has not experienced significant disruptions and has not had its operations
impeded in any way. Reuters’ source did not confirm the incident.

Fox News pointed out that the revelation of a possible cyber attack has
occurred in the same month the Senate’s Committee on Homeland Security and
Government Affairs released its federal cybersecurity report.

Notably, the report found that the agency could not provide documentation
for 60% of the sample employees tested that had access to its classified
network. The State Department also left thousands of employee accounts
active even after they had departed from the agency for extended periods of
time—in some cases as long as 152 days after employees quit, retired, or
were fired—on its classified and unclassified networks.

“Former employees or hackers could use those unexpired credentials to gain
access to State’s sensitive and classified information, while appearing to
be an authorized user,” the report stated.

An analysis of the State Department’s systems found that the agency failed
to address vulnerabilities. Ten systems were found to contain 450
critical-risk and 736 high-risk outstanding vulnerabilities.

Overall, the State Department’s cybersecurity practices received a “D”
rating, one of the lowest ratings available.