A cyber attack that took place sometime around July 25th, and which compromised the communications of about 4000 civilian and military Pentagon workers, is being blamed on Russia.
The attack, which utilized some kind of automated system, rapidly gathered and stole large amounts of data which it then quickly distributed to multiple accounts across the web. The ‘sophisticated cyber intrusion’ was apparently coordinated via encrypted social media accounts, although it is not yet clear how officials know this.
In particular, the intrusion affected the Pentagon’s Joint Chiefs of Staff and resulted in the Pentagon taking the ‘aggressive step’ of taking offline the entire Defence Department email system. During this time, a team of digital security experts went to work analyzing the hack to discover the perpetrator. Officials now claim that Putin’s men are to blame: the cyber attack showing a level of sophistication that makes the US believe ‘it was clearly the work of a state actor’.
According to officials, no sensitive information was affected because classified networks exist independently of the ones in question, and were not penetrated during the cyber attack. It is hoped that Internet connectivity for Joint Chiefs staff -which serve the chairman of the Joint Chiefs on matters that span from budget to military – will be back online in the next few days.
So far, it is believed the attack relied on a simple spear phishing technique to penetrate the Pentagon’s system. Phishing relies on computer users opening legitimate looking – but fake – emails that contain malicious malware. The hacker then uses various methods and techniques to further penetrate systems and steal government employee data.
This is not the first time that the US government has experienced a hack. Just last year the White House suffered an embarrassing cyber penetration, and although nothing classified was taken on that occasion either, officials did admit that,
‘the unclassified system routinely contains much information that is considered highly sensitive: schedules, email exchanges with ambassadors and diplomats, discussions of pending personnel moves and legislation, and, inevitably, some debate about policy.’
For this reason, even though this new attack focused on unclassified Pentagon systems, it is possible that sensitive information may have been stolen. As such, despite Navy Capt. Jeff Davis’ insistence that no classified military operations were compromised, it seems possible that more valuable data may have fallen prey to the attack than is being admitted.
This explains why officials are doing their utmost to be transparent about sharing all vital information about the hack with other government agencies, in an attempt to stop it happening again in future.
Although Russia is being blamed, Pentagon officials admit that they cannot yet tell if the hack was carried out by an official government agency or non-government hackers working from Russia covertly. This strongly implies that for the moment very little is known about the perpetrator.
What is known, is that this was ‘the most sophisticated’ cyber attack in US military history, employing techniques that left the Pentagon having to seriously scrub its system to stop it happening again.