Hackers still in the State Department's network, three months after the breach

The US State Department is still unable to evict Russian hackers from its unclassified email system, three months after US officials first discovered the breach.

US officials have admitted they still see signs of the hackers on the State Department's network, despite efforts by the department, the National Security Agency (NSA), and Federal Bureau of Investigation (FBI) to block the hackers and plug the holes in the network.

Investigators have not yet officially said who is behind the breach, but officials have suggested that the Russian government is likely to be involved, because the software and tools used in the attack have been linked to Russia in previous breaches, and emails related to the Ukraine crisis were also stolen.

The hackers gained access to the network after an employee of the State Department clicked on a bogus link in an email referring to administrative matters, which triggered malicious software to download onto the computer, opening a door for the hackers. This technique is known as "phishing".

Completely removing the hackers from the network and cleaning up is likely to take some time, with former US officials pointing to the 2013 breach of the US Navy's network by Iranian hackers as a guide. It took four months before the hackers were completely removed from the network.

Source: WSJ
