Three Months Later, State Department Hasn’t Rooted Out Hackers

[InfoSec News <alerts () infosecnews org>]

http://www.wsj.com/articles/three-months-later-state-department-hasnt-rooted-out-hackers-1424391453

By DANNY YADRON
The Wall Street Journal
Feb. 19, 2015

Three months after the State Department confirmed hackers breached its 
unclassified email system, the government still hasn’t been able to evict 
them from the department’s network, according to three people familiar 
with the investigation.

Government officials, assisted by outside contractors and the National 
Security Agency, have repeatedly scanned the network and taken some 
systems offline. But investigators still see signs of the hackers on State 
Department computers, the people familiar with the matter said. Each time 
investigators find a hacker tool and block it, these people said, the 
intruders tweak it slightly to attempt to sneak past defenses.

It isn’t clear how much data the hackers have taken, the people said. They 
reaffirmed what the State Department said in November: that the hackers 
appear to have access only to unclassified email. Still, unclassified 
material can contain sensitive intelligence.

The episode illustrates the two-way nature of high-technology sleuthing. 
For all of the U.S. government’s prowess at getting into people’s 
computers through the NSA and the military’s Cyber Command, the government 
faces challenges keeping hackers out of its own networks. The discrepancy 
points to a commonly cited problem with defending computers: Playing 
offense almost is always easier than playing defense.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/